httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bob Bell <>
Subject [users@httpd] suEXEC and /etc/passwd
Date Tue, 04 Feb 2003 16:51:23 GMT
[ Disclaimer: I've searched FAQs, Usenet archives, and mailing list
archives and can't find an answer to this question, but I am more than
willing to accept a pointer ]

I'm running an Ensim-based site with name-based virtual hosts.  suEXEC
is in use.  I want to make the web directories for those hosts
(including cgi-bin directories) owned by a different user than the Ensim
"site administrator".  That is, I want to make them owned by the
"webmaster" user for that domain.  Actually accomplishing that, and
serving static pages and providing FTP access, etc. is not a problem
(which is why I'm not posting to an Ensim list).

The problem is that that user is in the /etc/passwd file for that
domain, but not in the global /etc/passwd file for the system, which is
what suEXEC checks.  From,
a condition for success in suEXEC is:
    5. Is the target user name valid?
        Does the target user exist? 

I would like to know how to disable this check.  Do I have to comment
out the lines implementing it in the suEXEC source and recompile?  What
kind of problems do I open myself up to if I do?  (I can't think of any,
as long as the other checks are all in place, and I'm a reasonably
security-minded guy)

Bob Bell <>
 "Software gets slower faster than hardware gets faster!"
   -- "Wirth's Law" - Niklaus Wirth, famous computer scientist

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message