From owner-freebsd-ports Fri Apr 24 17:40:05 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id RAA09862 for freebsd-ports-outgoing; Fri, 24 Apr 1998 17:40:05 -0700 (PDT) (envelope-from owner-freebsd-ports@FreeBSD.ORG) Received: (from gnats@localhost) by hub.freebsd.org (8.8.8/8.8.8) id RAA09843; Fri, 24 Apr 1998 17:40:02 -0700 (PDT) (envelope-from gnats) Date: Fri, 24 Apr 1998 17:40:02 -0700 (PDT) Message-Id: <199804250040.RAA09843@hub.freebsd.org> To: freebsd-ports Cc: From: "Scot W. Hetzel" Subject: ports/4878: Apache w/FrontPage Module Port Another Security Fix Reply-To: "Scot W. Hetzel" Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org The following reply was made to PR ports/4878; it has been noted by GNATS. From: "Scot W. Hetzel" To: Cc: Subject: ports/4878: Apache w/FrontPage Module Port Another Security Fix Date: Fri, 24 Apr 1998 19:33:48 -0500 Please remove the following apache-fp ports files from the /pub/FreeBSD/incoming directory as they are obsolete: 4878.apache-fp.126.b.tgz 4878.apache-fp.126_126.b.diff The latest Apache-fp port is v126.C and is currently located on http://www.westbend.net/~hetzels/apache-fp and ftp://ftp.freebsd.org/pub/FreeBSD/incoming as: 4878.apache-fp.126.c.tgz 4878.apache-fp.126.b_126.c.diff This version of the apache-fp port corrects the following problems: 1. Corrects problem where SUEXEC was executing fpexe as root, users could possibly create a script called "fpexe" and gain root privliges. To compile apache-fp with suexec support: make [build|install] -DSUEXEC [HTTPD_USER=] NOTE: The default user suexec runs as is "www". So please check your httpd.conf file to determine the user your server is running as. If there are no objections to the port, could somebody please submit it to the Ports Collection? Thanks, Scot W. Hetzel To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message