On Thu, Aug 12, 2010 at 09:49, David Ricar <r...@ethernet.cz> wrote: > I need just one thing: replace others writable tests by is_in_homedir > test - suexec does not solve, who could rewrite the code, but where the > code is located. My patch is rather naive and dirty proof of concept > right now, I will polish it a bit and post here. > I just wonder how others solve this as this should be very common problem...
I don't understand what it is you are doing, so I cannot comment on whether it is common or not, or even secure. A test to detect if others can write a file that would be executed is a critical test on a multi-user machine. Similarly, testing if all parent directories can be written by others is important, too (otherwise, someone could move names around at some directory level to get their executable to be used). -- sHiFt HaPpEnS! --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
