From owner-freebsd-security@FreeBSD.ORG  Fri May  5 12:21:16 2006
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@freebsd.org
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 622AC16A416;
	Fri,  5 May 2006 12:21:16 +0000 (UTC)
	(envelope-from Alexander@Leidinger.net)
Received: from www.ebusiness-leidinger.de (jojo.ms-net.de [84.16.236.246])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 59B1543D4C;
	Fri,  5 May 2006 12:21:15 +0000 (GMT)
	(envelope-from Alexander@Leidinger.net)
Received: from Andro-Beta.Leidinger.net (p54A5CCDB.dip.t-dialin.net
	[84.165.204.219]) (authenticated bits=0)
	by www.ebusiness-leidinger.de (8.13.4/8.13.1) with ESMTP id
	k45CD0t3026771; Fri, 5 May 2006 14:13:01 +0200 (CEST)
	(envelope-from Alexander@Leidinger.net)
Received: from localhost (localhost [127.0.0.1])
	by Andro-Beta.Leidinger.net (8.13.4/8.13.3) with ESMTP id
	k45CL4E1041439; Fri, 5 May 2006 14:21:04 +0200 (CEST)
	(envelope-from Alexander@Leidinger.net)
Received: from pslux.cec.eu.int (pslux.cec.eu.int [158.169.9.14]) by
	webmail.leidinger.net (Horde MIME library) with HTTP; Fri, 05 May 2006
	14:21:03 +0200
Message-ID: <20060505142103.8iu70vc9ic0ocgs0@netchild.homeip.net>
X-Priority: 3 (Normal)
Date: Fri, 05 May 2006 14:21:03 +0200
From: Alexander Leidinger <Alexander@Leidinger.net>
To: Borja Marcos <BORJAMAR@SARENET.ES>
References: <CB6E482F-221F-4D31-8814-BF4A23D3E19E@SARENET.ES>
	<20060504172309.D17611@fledge.watson.org>
	<FDEE8EA9-0AA0-4CD9-854F-B543A1288101@SARENET.ES>
In-Reply-To: <FDEE8EA9-0AA0-4CD9-854F-B543A1288101@SARENET.ES>
MIME-Version: 1.0
Content-Type: text/plain;
	charset=UTF-8;
	DelSp="Yes";
	format="flowed"
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
User-Agent: Internet Messaging Program (IMP) H3 (4.1) / FreeBSD-4.11
X-Virus-Scanned: by amavisd-new
X-Mailman-Approved-At: Fri, 05 May 2006 12:25:42 +0000
Cc: freebsd-security@freebsd.org, Robert Watson <rwatson@freebsd.org>
Subject: Re: MAC policies and shared hosting
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 05 May 2006 12:21:16 -0000

Quoting Borja Marcos <BORJAMAR@SARENET.ES> (from Fri, 5 May 2006 =20
11:09:31 +0200):

> The possible practical implementation of this scheme would use Zeus
> webserver, which has an option to execute each CGI with the uid of its
> owner. Of course, it could be interesting to add some functionality,
> for example, to Apache, in order to take advantage of the new security
> mechanisms.

FYI: apache has the suexec wrapper. But it only covers real CGI's, not =20
apache modules like php, mod_perl, ... or plain html files serving. =20
For this to work either apache would have to run a httpd process for =20
every virtual host, or the OS has to provide the possibility to allow =20
to change the UID of a particular user (here: www) to some other user =20
(as configured in the virtual host part of the apache config) without =20
entering a password (maybe via RBAC "allow su from uid www to uid =20
[1000,2000] nopwd").

Bye,
Alexander.

--=20
http://www.Leidinger.net  Alexander @ Leidinger.net: PGP ID =3D B0063FE7
http://www.FreeBSD.org     netchild @ FreeBSD.org  : PGP ID =3D 72077137
Intellect annuls Fate.
So far as a man thinks, he is free.
=09=09-- Ralph Waldo Emerson