mod_diffprivs

mod_diffprivs makes Apache configurable to work as diffrent user/group and chroot env. for each VirtualServer.
Download

mod_diffprivs Ranking & Summary

Advertisement

  • Rating:
  • License:
  • GPL
  • Price:
  • FREE
  • Publisher Name:
  • Lukasz Wojtow
  • Publisher web site:

mod_diffprivs Tags


mod_diffprivs Description

mod_diffprivs makes Apache configurable to work as diffrent user/group and chroot env. for each VirtualServer. mod_diffprivs makes Apache configurable to work as diffrent user/group and chroot env. for each VirtualServer and for ~user request. Designed mostly for ISP to make Apache secure. This is a core directive in mod_diffprivs. It takes one, two or three arguments. First is an user on what Apache should call setuid() before serving file. This parameter can be given as username, or #uid. When You decide to use "username", then Apache will try to find this user in /etc/passwd file when starting. This parameter can be also "DoNothing", what mean don't call setuid(). Setuid can be call only for numbers equal or above hardcoded constant MIN_UID. You can change this value by editing file config.h.Second parameter is a group on what apache should call setgid() before serving file. This parameter can be groupname or #gid. When You decide to use "groupname", then Apache will find this group in file /etc/groups when starting. This parameter can be also "DoNothing", what mean don't call setgid. Setgid() can be call only for numbers equal or above the hardcoded constant MIN_GID. You can change this value be editing file config.h Third parameter for directive "Privs" is a path to dir where chroot() will be call before serving file. When You use it, remember about changing all paths in this configuration section. For example, was: DocumentRoot "/www/htdocs/tris" ScriptAlias /cgi-bin/ "/www/htdocs/tris/cgi-bin" and You want use Privs nobody nobody "/www/htdocs/" You must change DocumentRoot and ScriptAlias (and others) to: DocumentRoot "/tris/" ScriptAlias /cgi-bin/ "/tris/cgi-bin/"This directory must be under hardcoded constant UNDER_HERE. You can change this value by editing (well.. guess) config.h file. This directive affects only requests like www.whatever.com/blablabla.html but not www.whatever.com/~user. Requirements: · Apache 1.3.x


mod_diffprivs Related Software

About SoftwareSea