From owner-freebsd-questions Wed Jan 2 15:46:33 2002 Delivered-To: freebsd-questions@freebsd.org Received: from c003.snv.cp.net (c003-h000.c003.snv.cp.net [209.228.32.214]) by hub.freebsd.org (Postfix) with SMTP id E15FB37B419 for ; Wed, 2 Jan 2002 15:46:31 -0800 (PST) Received: (cpmta 20709 invoked from network); 2 Jan 2002 15:46:31 -0800 Received: from 216.227.100.85 (HELO vector) by smtp.telocity.com (209.228.32.214) with SMTP; 2 Jan 2002 15:46:31 -0800 X-Sent: 2 Jan 2002 23:46:31 GMT From: "Dustin Puryear" To: "Matthew Graybosch" , Subject: RE: Getting Apache to run as user www only Date: Wed, 2 Jan 2002 17:55:25 -0600 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 In-Reply-To: <20020102183946.6695fc8c.matthew@starbreaker.net> Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > > > I think that takes a small prize for being the best suggestion for > > > introducing a security hole the size of the grand canyon into the O/S. > > > Just think about it, before you ask why... :) > > > > Thought about it. Now, why? > > I wonder what sort of havoc I could wreak if I were to crack an > httpd bound > directly to the kernel? What does that have to do with my suggestion which was to allow a specified user to bind to a given port. I am not sure where that leads to httpd being "bound directly to the kernel." Maybe I am missing something? Please enlighten me. :) Regards, Dustin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message