Date: Mon, 16 Apr 2001 19:57:49 +0400 From: "Andrey A. Chernov" <ache@nagual.pp.ru> To: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: ports/www/mnoGoSearch-current Makefile Message-ID: <20010416195744.A2726@nagual.pp.ru> In-Reply-To: <200104161536.IAA52751@gndrsh.dnsmgr.net>; from freebsd@gndrsh.dnsmgr.net on Mon, Apr 16, 2001 at 08:36:04AM -0700 References: <200104150808.f3F88I176805@freefall.freebsd.org> <200104161536.IAA52751@gndrsh.dnsmgr.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Apr 16, 2001 at 08:36:04 -0700, Rodney W. Grimes wrote: > > ache 2001/04/15 01:08:18 PDT > > > > Modified files: > > www/mnoGoSearch-current Makefile > > Log: > > chown nobody.nogroup whole /var/mnogosearch (not require additional privs for > > spelld) > > This exposes these files to NFS root access. The original concept of > nobody and nogroup was introduced by NFS, and the intent was that no > file no place ever should have a uid/gid with these values, as that > is what root is mapped to without a -maproot clause in the exports > line. > > Please do NOT continue to propogate this error of actually makeing > files owned by nobody or have group nogroup. This is needed for httpd reason. Unfortunately Apache httpd runs as nobody.nogroup and starts CGIs too. httpd must be fixed first to another user/group, probably www.www or something like. I prefer not to make fix by myself due to various backward compatibility issues I prefer to deal not. When httpd will be fixed, satellite ports can be fixed to, but not earlier. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010416195744.A2726>