Add serveral security enhancements.
- ~user execution now properly restricted to ~user's home directory and below. - execution restricted to UID/GID > 100 - restrict passed environment to known variables - call setgid() before initgroups() (portability fix) - remove use of setenv() (portability fix) Reviewed-by: Marc Slemko, Jason Dour, Randy Terbush git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@77431 13f79535-47bb-0310-9956-ffa450edef68
Please register or sign in to comment