httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Denis" <rinakk...@pincushion.de>
Subject [users@httpd] virtual hosts and suexec
Date Mon, 23 Dec 2002 23:05:45 GMT
Hi,

since a couple of days now I'm trying to figure out how I could solve
following problem. Maybe some has an idea.

I configured several virtual hosts. Everyone has its own DocumentRoot.
Depending on which group you belong to you are able to upload files into the
DocumentRoot.
Now the problem. As far as I know Cgi scripts run as user/group of the
apache webserver. This means that a cgi script can read any file (any file
apache can read) in any other virtual host. How can I prevent this. I know I
can use suexec, but with suexec I have the problem that the filepath (in my
case DocumentRoot) can only be writable from the user configured per virtual
host. This means that only one user could upload files. I need people of a
group to upload files.

Thanks for your help and merry x-mas,

Denis


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message