Skip to content

phsm/mod_process_security

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

75 Commits
test
test
 
 
.clang-format
.clang-format
 
 
.gitignore
.gitignore
 
 
.travis.yml
.travis.yml
 
 
LEGAL
LEGAL
 
 
MITL
MITL
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
mod_process_security.c
mod_process_security.c
 
 

Repository files navigation

mod_process_security Build Status

This module is a suEXEC module for CGI and DSO. Improvement of mod_ruid2(vulnerability) and mod_suexec(performance).

See also http://blog.matsumoto-r.jp/?p=1972

How To Compile

  • build
apxs -i -c -l cap mod_process_security.c

If you want to enable dirty fix of my_thread_global_end() issue, use this command to build:

apxs -i -c -lcap -lmysqlclient -DMYSQL_THREAD_FORCE_END=1 mod_process_security.c
  • Add to httpd.conf or conf.d/process_security.conf
LoadModule process_security_module   modules/mod_process_security.so
PSExAll On

How To Use

  • Set Enable All Extensions On. (default Off)
PSExAll On
  • Set Enable ALL CGI Extensions On. (default Off)
PSExCGI On
  • [Optional] Set Enable Custom Extensions. (unset PSExAll)
PSExtensions .php .pl .py
  • [Optional] Set Enable Custom Handlers. (unset PSExAll)
PSHandlers application/x-httpd-php hoge-script
  • [Optional] Set Ignore Custom Extensions.
# .html and .css were ignored
PSExAll On
PSIgnoreExtensions .html .css
  • [Optional] Minimal uid and gid. (default uid:100 gid:100)
PSMinUidGid 200 200
  • [Optional] Default uid and gid. (default uid:48 gid:48)
PSDefaultUidGid
  • [Optional] Enable run with root permission (default Off)
PSRootEnable On

License

under the MIT License:

About

mod_process_security

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

5 tags

Packages

No packages published

Languages

  • C 89.5%
  • Makefile 5.2%
  • Ruby 3.0%
  • Shell 1.4%
  • Roff 0.9%