SPUG: site clutter
Darren/Torin/Who Ever...
torin at daft.com
Tue Jun 26 00:15:52 CDT 2001
William Julien, in an immanent manifestation of deity, wrote:
>Hmmm. Can you explain why it is a "Bad Thing" to have your server
>running as user "nobody" and group "nobody"? It would seem to me, that
>this would provide better security for the system if you ran scripts
>as an unprivlidged user. If your cgi scripts were run under setuid,
>a poorly written script can gain access to files (owned by them) that
>were not explicily permitted by the owner as world write.
So, if User A runs his scripts as "nobody" and User B runs her scripts
as "nobody", what could User A do to User B?
Darren
--
<torin at daft.com><http://www.daft.com/~torin/> <torin at debian.org><perl at slut.org>
Darren Stalder/2608 Second Ave, @282/Seattle, WA 98121-1212/USA/+1-206-ELF-LIPZ
@ <URL:http://www.daft.com/~torin/resume.html> @
@ Unix Sys-Admin / Perl Guru / C expert for hire @
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
POST TO: spug-list at pm.org PROBLEMS: owner-spug-list at pm.org
Subscriptions; Email to majordomo at pm.org: ACTION LIST EMAIL
Replace ACTION by subscribe or unsubscribe, EMAIL by your Email-address
For daily traffic, use spug-list for LIST ; for weekly, spug-list-digest
Seattle Perl Users Group (SPUG) Home Page: http://www.halcyon.com/spug/
More information about the spug-list
mailing list