Stepken enscribed thusly:
> Marc Slemko wrote:
> > Have you actually looked at the code before spouting silly garbage like it
> > being "bullet proof"?
> > Do you really want to trust a server that normally runs as root and that,
> > if it fails to switch UIDs before serving a document, just logs a message
> > and proceeds as root? I don't call that bullet proof. While you wouldn't
> > be running it as root anyway on a firewall, it does indicate something
> > about the software. I'm sure it can be made secure, but your clueless
> > claim that it is god and never ever has any problems while Apache is full
> > of buffer overflows (if it is, I sure don't see them) is foolish.
> It really doesn't matter, whether it runs as root or as user. Every user
> can become root, with some common exploits. There are some patches for
> chroot() and chuid(), which are urgently needed.
> I really had some very serious problems with perl cgi's and apache. I
> also see some SSI problems on geek-girl which have been patched, thanx
> to you as co-develloper of APACHE. Mostly the security of programs (like
> apache) heavily depend on the quality of lib's
> (popen(),gets,sprintf.race-condition..problems). As programer you can't
> claim, that apache binary is ok, because there are enough included libs
> left, which are quite unsecure. So - you may be right, if you claim,
> that apache is secure, from the point of source-review. I , personally,
> only trust a chroot() version of apache or CERN.
If you only trust a chrooted version of apache or CERN, you are a
fool. Chroot does help. But there ARE exploits for getting out of chrooted
jails (especially if you manage to get superuser), just as there are
exploits for getting superuser. I, personally, don't "only" trust ANYTHING.
I depend on a combination of "things" of which chroot, and non-superuser
id's are only part. I do not "trust" chroot nor a non-root user. The
combination of the two is better. The combination of the two behind a
firewall is still better. Those behind a filtering router are better yet
still. Depend on one thing and it should be this: NOTHING is bullet-proof
(or fool proof for that matter).
> cu, Guido Stepken
Michael H. Warfield | (770) 985-6132 | mhw @
(The Mad Wizard) | (770) 925-8248 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!