Bug 183614
Summary: | Strange values for configuration --with-suexec-uidmin and --with-suexec-gidmin | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | JW <ohtmvyyn> |
Component: | httpd | Assignee: | Joe Orton <jorton> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 4 | ||
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2006-03-02 12:22:43 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
JW
2006-03-02 10:40:02 UTC
That's true except when users are created in the "users" group - that's why the minimum gid was dropped to 100. Again, this is hard-coded by design, to allow the absolute minimum risk of security issues. (In reply to comment #1) > That's true except when users are created in the "users" group - that's why the > minimum gid was dropped to 100. Again, this is hard-coded by design, to allow > the absolute minimum risk of security issues. Then why does httpd have a configuration file? Isn't that a security risk? Hey, maybe we should do "rm -fr /" because the mere existence of files is a security issue. This current worldwide plague of paranoia is farcical. It just takes one lame programmer with a hightened sense of paranoid delusion (and nothing better to do with his creativity) to totally devastate the utility of a program. I have created a patch to use configuration data from httpd.conf. It is freely available on my web site. Have a nice day. |