Proper test installation?

Jake jake at
Wed Dec 15 01:19:16 UTC 2004

David Miller wrote:

> Since the scripts to do it need to be setuid root for fairly obvious 
> reasons (chowning files to an arbitrary user), all that stuff is 
> hard-coded in the script for security, so the scripts need a little 
> more love than just adding a line to a config file. :)

Actually, for this demo purpose the scripts could run as 'apache'. It's 
not quite as secure for the individual install to have the files owned 
by the webserver user, but it would be functional... and in my mind it 
would be better than running a script from the web that is suid root. 
The actual demo files can be owned by, fe, bugzilla:apache but the 
clones for a specific user can be owned by apache:apache.

More information about the developers mailing list