Skip to content
Commit 4ca6862b authored by Randy Terbush's avatar Randy Terbush
Browse files

Add serveral security enhancements. 

        - ~user execution now properly restricted to ~user's home
          directory and below.
        - execution restricted to UID/GID > 100
        - restrict passed environment to known variables
        - call setgid() before initgroups() (portability fix)
        - remove use of setenv() (portability fix)

Reviewed-by: Marc Slemko, Jason Dour, Randy Terbush


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@77431 13f79535-47bb-0310-9956-ffa450edef68
parent 12d0bb42
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment