Date: Tue, 2 Oct 2001 04:07:39 -0500 (CDT) From: hawkeyd@visi.com (D J Hawkey Jr) To: ck@cksoft.de, freebsd-security@freebsd.org Subject: Re: login.conf & FreeBSD 4.4 Message-ID: <200110020907.f9297d695258@sheol.localdomain> In-Reply-To: <Pine.LNX.4.33.0110020953290.6866-100000_localhost.cksoft.de@ns.sol.net> References: <004701c14b0c$ce44f140$45e03ac3_skif.net@ns.sol.net> <Pine.LNX.4.33.0110020953290.6866-100000_localhost.cksoft.de@ns.sol.net>
next in thread | previous in thread | raw e-mail | index | archive | help
In article <Pine.LNX.4.33.0110020953290.6866-100000_localhost.cksoft.de@ns.sol.net>, ck@cksoft.de writes: > > If you are talking about cgi scripts run by apache you might want to > patch suexec to do this. There is nothgin in apache that would normally > set the requested privilidges. > > we added following to apache-x-x-x/src/support/suexec.c to actually > enforce setting of resource limits. There is nothing in apache that would > normally set these up for you. > > [SNIP] Reading between the lines, are you saying that any app "not from FreeBSD" running on FreeBSD isn't likely to be accounted for because they pro'lly don't set up limiting resources (by way of the C function you hacked in)? Badly phrased, I know, but you get my drift? > Greetings > Christian Dave -- Windows: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming, or what?" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200110020907.f9297d695258>