httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Andersson" <>
Subject Re: [users@httpd] Suexec and shared CGI-BIN
Date Fri, 08 Aug 2003 15:38:39 GMT
Remco Bressers wrote:
> These scripts will be run by
>, so it will have to run
> from the customers domainname.
> Ofcourse, i get the following error:
> [2003-08-08 12:30:38]: error: target uid/gid (1064/1064) mismatch with
> directory (0/0) or program (80/80)

I'm no SuExec expert, but I assume this is step 18 in its security model:

I'd have thought it was enough that it had world permissions, but it seems
as it isn't.

> Is there any workaround for this? I don't want to put the CGI in every
> home directory, i want it systemwide (/usr/local/www/cgi-bin).

Obviously you could hack away the check and recompile, but that is not a
good solution.

A possible workaround is to perform an internal proxy request or a redirect
through mod_rewrite, or even an external redirect, to a shared virtual host
which user owns the CGIs. There are numerous ways to perform the end result
of having the CGIs executed by a single user.

Robert Andersson

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message