httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dean Gaudet <dgau...@arctic.org>
Subject Re: mod_cgi/918: if not using suexec, apache forces user to use server gid/uid settings
Date Sun, 27 Jul 1997 06:15:35 GMT
On Sat, 26 Jul 1997, Marc Slemko wrote:
> No.  can_exec just doesn't know about magic user ID changes like those
> that happen using suexec or some other wrapper.  It checks to see if it
> can be execed given the user ID the server is running as now.  

Um yes, well, what other uid is the server going to attempt to execute it
as? 

Am I totally confused?  I thought these things were setuid root (in the
case of suexec), or setuid user (in the case of cgiwrap).  In either case
the webserver needs permission to execute the file.  That's either group
or other x that needs to be set.

Dean



Mime
View raw message