On Thu, 14 Jul 2005, Terrence Brannon wrote:
> Enno <[EMAIL PROTECTED]> writes:
>
> > as far as I know, that uselib vulnerability has nothing to do with
> > mod_perl. it's a kernel exploit. using a different user wont fix the
> > problem, updating your kernel will. so why not do that?
>
> I wish I
Enno <[EMAIL PROTECTED]> writes:
> as far as I know, that uselib vulnerability has nothing to do with
> mod_perl. it's a kernel exploit. using a different user wont fix the
> problem, updating your kernel will. so why not do that?
I wish I could give you a link, but I cant find it. However, the
k
Geoffrey Young <[EMAIL PROTECTED]> writes:
>>Unfortunately, we have been hit by a [2]uselib() privilege elevation
>>exploit. As a result, our sysadmins have decided that any CGI/mod_perl
>>process has to run as a specific user instead of as www-data.
>
> I'll admit to not being the bes
as far as I know, that uselib vulnerability has nothing to do with
mod_perl. it's a kernel exploit. using a different user wont fix the
problem, updating your kernel will. so why not do that?
Enno
On Tue, 12 Jul 2005, Terrence Brannon wrote:
>Unfortunately, we have been hit by a [2]uselib()
>Unfortunately, we have been hit by a [2]uselib() privilege elevation
>exploit. As a result, our sysadmins have decided that any CGI/mod_perl
>process has to run as a specific user instead of as www-data.
I'll admit to not being the best SA or security-minded guy around, so maybe
this
On Tue, 2005-07-12 at 22:31 +, Terrence Brannon wrote:
>At the moment, the sysadmins see no way to run mod_perl such that the
>mod_perl requests can run as a specific user. Unless I can find a way
>to have mod_perl processes for each virtual host run as a specific
>user, we will
On Tuesday 12 July 2005 18:31, Terrence Brannon wrote:
>How can we setup our virtual hosts so that each one runs as a specific
>Unix user?
Instead of
User www-data
Group www-data
use
User specific_user
Group specific_user
I don't get
Hi,
_
Background of Problem
At our [1]webhosting cooperative, each website is setup in a virtual
host like this:
ServerName www.livingcosmos.org
ErrorLog /var/log/apache/www.livingcosmo
