Date: Fri, 12 Nov 1999 16:18:50 +0000 (GMT) From: Didier Derny <didier@omnix.net> To: hackers@freebsd.org Subject: "bsd emulation" (controle of cgi execution) Message-ID: <Pine.BSF.3.96.991112155925.5473A-100000@omnix.net>
next in thread | raw e-mail | index | archive | help
hi, I would like to controle the execution of the cgi on my machine (specially the path used by the scripts) each client as a unique group id / user id. the binarie I want to control are either some standard FreeBSD in a chrooted enviromnent or the cgi scripts launched by suexec (largely customized version of apache suexec). for example: I have /home/user1 and /home/user2. with chroot the users are only able to see (from the cgi) /user1 and /user2 but I would like to make /user1 hidden from /user2 (and the same for the reverse case). without having to make a separate chrooted environment for each user. one the idea would be to write a "bsd emulator" base on the linux emulator to trap the system call inside the emulator. nothing would be done by this "emulator" execpt controlling the paths. the other idea would be to modify the bsd to intercept the system call for the process with a specific flag ? (to avoid slowing down standard applications) and a system called could be: processed normaly (read, write...), treated as errors (mount...) or intercepted to controle the path (a kind of suexecd) -- Didier Derny didier@omnix.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.991112155925.5473A-100000>