4/27 What's up with the CSUA homepage? What's that quote?
I don't get it.
\- I assume we got rooted again. OMG, hahah. I give up - linxu
\_ You're probably not rooted, but you made the mistake of
having the web heirarchy owned by the UID that the web
server is running under. Therefore, any hole in any installed
CGI or PHP can re-write pages, and probably execute arbitrary
code as the web server user. -tom
\- Soooo re-enabling cgi-bin and being dumb was the cause.
I still give up though. Ah, well...-linxu
\_ suexec or cgiwrap or the likes is a good idea too.
\_ find . -user www -exec chown not-www {} \;
would be a good start. -tom |
http://csua.com/feed/