httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lewis Watson" <li...@visionsix.com>
Subject Re: Secure scripting
Date Tue, 18 Jun 2002 04:03:46 GMT

----- Original Message ----- 
From: "Nick Gommans" <ngommans@dragonfly.d2g.com>
To: <users@httpd.apache.org>
Sent: Monday, June 17, 2002 10:48 PM
Subject: Secure scripting


I have realized that the Apache webserver, when it executes a script 
like PHP or PERL it will run using the permissions of the webserver.

This is fine in general, however I would really like it to, if accessing 
files/scripts within a user's directory (www.domain.com/~user/) to run 
that child service as that user so that the scripts he/she excutes can 
only modify/damage their own files.

Can I do this? or would I end up having to have a seperate process for 
each user?

Thanks in advance,
Nick



suexec does exactly this...

http://httpd.apache.org/docs/suexec.html








---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message