At 06:06 PM 3/1/2001 +0000, you wrote:
>After some time playing with modperl, I realized some problems (that's
>the way I call them) related with modperl!
>
>By looking at the way modperl works today, it's clear it was not
>designed to SECURELY support a multi-user environment. For instance: Any
>user can write a script that will be able to read any file owned by the
>httpd server, in a multi-user environment it should not be allowed. A
>gentle way to prevent this would be not to allow a script to read a file
>whose owner id is not the same as the script owner id, isn't it?
>
Security depends on the requirements.
In this case the requirement is to allow users (web masters) to create web
pages that have access to the Apache API (maybe) but not have access to
other users' script files from within their URI space. The requirements
need to be used to set up the boundary conditions.
For example, suppose the requirement is to "not allow" user A to have
access to user B's files within user A's URI access (boundaries). This
would have to include @INC, etc. There would have to be an
internal security boundary check mechanism to enforce the boundary
conditions. Perhaps some of the Java sandbox concepts could be utilized.
Security is tricky stuff, because there is nothing that prevents user A
from getting into user B's URL space (just like any other external
request), therefore, user B has to set up their own internal-external
boundaries.
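
An added example, not part of the original thread and not mod_perl's own code: a sketch in Perl of the owner-id check proposed in the quoted message. The helper name `open_if_same_owner` and the demo paths are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Fcntl qw(O_RDONLY O_NOFOLLOW S_ISREG);
use File::Temp qw(tempfile);

# Hypothetical helper: open $path read-only, but only if it is a regular
# file owned by the same uid that owns $script_path.
# Returns a filehandle on success, nothing on refusal or error.
sub open_if_same_owner {
    my ($script_path, $path) = @_;

    my @script_st = stat($script_path) or return;
    my $script_uid = $script_st[4];

    # Open first, then stat the open handle, so the ownership check applies
    # to the file actually held (no check-then-open race). O_NOFOLLOW
    # refuses a symbolic link in the final path component.
    sysopen(my $fh, $path, O_RDONLY | O_NOFOLLOW) or return;

    my @st = stat($fh);
    unless (@st && S_ISREG($st[2]) && $st[4] == $script_uid) {
        close $fh;
        return;
    }
    return $fh;
}

# Constructed demo: two temp files owned by the current user stand in for a
# user's script and data file; /etc/passwd stands in for a file owned by
# another uid (it is, unless this demo runs as root).
my ($sfh, $script) = tempfile(UNLINK => 1);
my ($dfh, $data)   = tempfile(UNLINK => 1);
print {$dfh} "sample data\n";
close $dfh;

for my $target ($data, '/etc/passwd') {
    my $fh = open_if_same_owner($script, $target);
    printf "%-24s %s\n", $target, $fh ? 'allowed' : 'denied';
    close $fh if $fh;
}
```

A check like this only holds if every file access goes through it, which is why the reply says the boundary would also have to cover @INC.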

