httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jason A. Dour" <...@bcc.louisville.edu>
Subject Re: last post on suexec tonight, I swear
Date Tue, 12 Nov 1996 17:41:19 GMT
-----BEGIN PGP SIGNED MESSAGE-----

On Mon, 11 Nov 1996, Jim Jagielski wrote:
> I think that httpd does do a chdir, but only to the r->filename.
> I have suexec actually, if in ~user "mode" get the user's homedir,
> and then do it's chdir to ~user/public_html/cgi-bin (or wherever)

	My question is, "Why?"  The server chdir()s to the location of the
request...regardless of whether or not it is a userdir or not.

	What you are suggesting is limiting all userdir CGI requests to
one CGI directory; something that is present in the current mod_sucgi.c I
wrote, but *isn't* present in the current suEXEC implementation.  Any
valid CGI request from a userdir is handled properly, using the request
dir as the cwd.  IMO, that's better than limiting all userdir CGI requests
to ~userdir/cgi-bin/.  Am I missing something, or is this what your patch
does?

Jason
# Jason A. Dour <jad@bcc.louisville.edu>                            1101
# Programmer Analyst II; Department of Radiation Oncology; Univ. of Lou.
# Finger for URLs, PGP public key, geek code, PJ Harvey info, et cetera.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMoi2wpo1JaC71RLxAQEmtgP+IbVYggShqHerzkoqjL6nsr7nDC69mSTe
P1gaREvC4p19k9EV+rEDx2hTUYY/jTpfwa73a0POF+YgIJMAJNAoGIVEEqI1tVNk
fRXyVudJyTMYTXm75LFrBjAxiPgQin8Gah9yV4ALJrv57mM2j51yOvjSPbRqMjst
vulcAl3PA/k=
=9O95
-----END PGP SIGNATURE-----


Mime
View raw message