mod_ruid2 is a suexec module for apache which takes advantage of POSIX.1e capabilities to increase performance.
License
mind04/mod-ruid2
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
master
Could not load branches
Nothing to show
Could not load tags
Nothing to show
{{ refName }}
default
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code
-
Clone
Use Git or checkout with SVN using the web URL.
Work fast with our official CLI. Learn more.
- Open with GitHub Desktop
- Download ZIP
Sign In Required
Please sign in to use Codespaces.
Launching GitHub Desktop
If nothing happens, download GitHub Desktop and try again.
Launching GitHub Desktop
If nothing happens, download GitHub Desktop and try again.
Launching Xcode
If nothing happens, download Xcode and try again.
Launching Visual Studio Code
Your codespace will open once ready.
There was a problem preparing your codespace, please try again.
Latest commit
Git stats
Files
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
ABOUT mod_ruid2 is a suexec module for apache 2.0, 2.2 and 2.4, based on mod_ruid and mod_suid2 -it runs only on Linux because only the Linux kernel has implemented the required process capabilities. -it has better performance than mod_suid2 because it doesn`t need to kill httpd children after one request. it makes use of kernel capabilites and after receiving a new request suids again. -there are some security issues, for instance if attacker successfully exploits the httpd process, he can set effective capabilities and setuid to root. i recommend to use some security patch in kernel (grsec), or something.. -there are two main operation modes: stat and config 1. config is default, you must define uid and gid. If no [ug]id is defined the default user and group are used. 2. stat httpd setuid and setgid to uid and gid of requested filename(script)/directory this is good if you use mod_vhost_alias for virtual hosting INSTALL 1. download and install latest libcap from here 2. run /apachedir/bin/apxs -a -i -l cap -c mod_ruid2.c 3. configure httpd.conf 4. restart apache CONFIGURE OPTIONS: RMode config|stat (default is config) RUidGid user|#uid group|#gid - when RMode is config, set to this uid and gid RMinUidGid user|#uid group|#gid - when uid/gid is < than min uid/gid set to default uid/gid RDefaultUidGid user|#uid group|#gid RGroups group1 group2 - additional groups set via setgroups @none - clear all previous defined groups. RDocumentChrRoot - Set chroot directory and the document root inside EXAMPLE: LoadModule ruid2_module modules/mod_ruid2.so User apache Group apache RMode stat RGroups apachetmp RDocumentChRoot /home /example.com/public_html NameVirtualHost 192.168.0.1 <VirtualHost example.com> ServerAdmin webmaster@example.com RDocumentChRoot /home /example.com/public_html ServerName example.com ServerAlias www.example.com RMode config # unnecessary since config is the default RUidGid user1 group1 RGroups apachetmp <Directory /home/example.com/public_html/dir> RMode stat </Directory> <Directory /home/example.com/public_html/dir/test> RMode config RUidGid user2 group2 RGroups groups1 </Directory> <Directory /home/example.com/public_html/dir/test/123> RUidGid user3 group3 </Directory> <Location /yustadir> RMode config RUidGid user4 user4 RGroups groups4 </Location> </VirtualHost> <VirtualHost example.net> ServerAdmin webmaster@example.net DocumentRoot /home/example.net/public_html ServerName example.net ServerAlias www.example.net </VirtualHost>
About
mod_ruid2 is a suexec module for apache which takes advantage of POSIX.1e capabilities to increase performance.
Resources
License
Stars
Watchers
Forks
Packages 0
No packages published