From owner-freebsd-security  Thu Nov 15  3:35:50 2001
Delivered-To: freebsd-security@freebsd.org
Received: from SRDMAIL.SINP.MSU.RU (bigking.sinp.msu.ru [213.131.9.130])
	by hub.freebsd.org (Postfix) with ESMTP
	id 764B937B419; Thu, 15 Nov 2001 03:35:46 -0800 (PST)
Received: from [194.220.213.239] (helo=sinp.msu.ru)
	by SRDMAIL.SINP.MSU.RU with esmtp (Exim 3.33 #3)
	id 164KmO-000I11-00; Thu, 15 Nov 2001 14:34:00 +0300
Message-ID: <3BF3A877.90007@sinp.msu.ru>
Date: Thu, 15 Nov 2001 14:35:19 +0300
From: Dmitry Mottl <dima@sinp.msu.ru>
Organization: SINP MSU
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:0.9.4) Gecko/20011004
X-Accept-Language: ru, en
MIME-Version: 1.0
To: Anthony Atkielski <anthony@atkielski.com>
Cc: freebsd-questions@FreeBSD.ORG, freebsd-security@FreeBSD.ORG
Subject: Re: Apache question
References: <3BF3A166.2090009@sinp.msu.ru> <008001c16dc6$ca418bd0$0a00000a@atkielski.com>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

Anthony Atkielski wrote:

> What exactly do you mean when you say that virtual hosts must have "no access to
> each other"?
User A can write a cgi script which can read user B files,

cause a cgi will run under wwwguest, and user B files must readable by wwwguest
So, I don't want A to read B's files.

A and B are users that have RW access to their virtual hosts (through ftp)

wwwguest is a httpd sandbox.

--
best regards,
Dmitry Mottl



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message