From owner-freebsd-isp Tue Feb 4 12:56:27 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id MAA11446 for isp-outgoing; Tue, 4 Feb 1997 12:56:27 -0800 (PST) Received: from mail.calweb.com (mail.calweb.com [208.131.56.11]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id MAA11426 for ; Tue, 4 Feb 1997 12:56:20 -0800 (PST) Received: from devnull (devnull.calweb.com [208.131.56.69]) by mail.calweb.com (8.8.5/8.8.5) with SMTP id MAA10927; Tue, 4 Feb 1997 12:55:53 -0800 (PST) Message-Id: <3.0.32.19970204125219.009718e0@pop.calweb.com> Warning: Unsolicited Commercial Email (UCE) will be returned to send in bulk X-Sender: jfesler@pop.calweb.com X-Mailer: Windows Eudora Pro Version 3.0 (32) Date: Tue, 04 Feb 1997 12:54:54 -0800 To: Steve From: Jason Fesler Subject: Re: FrontPage Extenstions Cc: freebsd-isp@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk At 02:46 PM 2/4/97 -0500, you wrote: >You a brave soul - I personally wouldnt want that big a security hole. Please research it before you say that again :-). virtualdomains, at least, are secure. Subwebs under a master domain, I have my doubts about - virtual domains, I'm perfectly happy with.. Note that the FrontPage extension stubs are marked SUID to the owner of the given virtual domain. Ie, when www.xyz.com uses FrontPage, xyz's user account owns the entire process, files, etc - *NOT* root or http. -- Jason Fesler jfesler@calweb.com Internic: 'whois jf319' Admin, CalWeb Internet Services http://www.calweb.com Junk email returned, in bulk, back to sender; w/copies to all postmasters. You got junk mail problems? Use Eudora Pro, MSIE's mail, or 'man procmail'.