On 2016-06-08 at 14:24, Nick Kew wrote : > On Wed, 2016-06-08 at 08:01 -0400, Eric Covener wrote: >> On Sat, Apr 16, 2016 at 6:00 PM, Ben RUBSON <ben.rub...@gmail.com> wrote: >>> Then my question is, could it be possible ? >> >> You would need your own daemon launched during an early hook (like >> post_config). You wouldn't be able to respond [directly] to requests, >> you'd need to reach out over something like a pipe the way rewritemap >> does. >> > A hacked suexec would be a per-request option. Or using > solaris and mod_privileges might just possibly help with > more fine-grained escalation.
Nick, thank you very much for your answer, and sorry for my late reply. I red suexec source code, it gave me some ideas : I could write my own setuid-ed program which would : - setuid(<user_id>) - only perform the needed tasks under <user> - exit This program could be then called from any other custom module etc... Thank you again ! Ben --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
