httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <jos...@slive.ca>
Subject Re: [users@httpd] Secure Apache VirtualHost and suEXEC Support
Date Thu, 24 Jul 2003 16:51:21 GMT

On Thu, 24 Jul 2003, Sagara Wijetunga wrote:

> Dear Joshua
>
> Thanks for your clarification.
>
> What really confuse me was the point 13 (Is the
> directory within the Apache webspace?) under the
> “suEXEC Security Model” of the “suEXEC Support
> documentation”
> (http://httpd.apache.org/docs-2.0/suexec.html).
>
> The point 13 should have better written as “If the
> request is for a regular portion of the server, is the
> requested directory within the suEXEC's docroot
> (--with-suexec-docroot=DIR)?”

You are correct.  In general, for optimal security, the two document roots
should be the same.  But, as you notice, it doesn't work so well in some
scenarios.

Please feel free to submit a bug report to the apache bug database about
this.  That way when someone goes to clean up those docs it won't be
forgotten.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message