On Fri, 22 Aug 2003 17:21:11 +0200, Maciej Bogucki <[EMAIL PROTECTED]> wrote:
> I have run httpd in chroot with no-su mode enabled, and everything works > good. Users can only view files what are in chroot and another users > configuration. You need root only to bind to 80/tcp, and then httpd can > be run by unpriviledged user. No, you can't run httpd chroot'ed in this case. That would deny tmda-cgi access to /etc for the entire operation of the program and that wouldn't work. It does need to access /etc, you just want to control when it does. > Maybe You can add some configuration variable, where filter lists can be > stored? Perhaps. I'll experiment. > Right now one user can change configuration of another user! Under virtual users or no-su modes, yes. I'll look into controlling this more. Gre7g. _________________________________________________ tmda-workers mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-workers
