httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <jos...@slive.ca>
Subject Re: [users@httpd] suEXEC to execute CGI programs as the user to which the request is being directed
Date Thu, 06 Nov 2003 17:44:34 GMT

On Thu, 6 Nov 2003, John T. Stucki wrote:

> Thanks, but...
>
> Ok, so I took out the SuexecUserGroup directive, but now I get this:
> [2003-11-06 11:50:47]: uid: (73503/localuser) gid: (1/1) cmd: cgi1.pl
> [2003-11-06 11:50:47]: cannot run as forbidden gid (1/cgi1.pl)
>
> If I can't use SuexecUserGroup I can't set the gid, If I use
> SuexecUserGroup  I can't get it to use the user's uid.  Seems like I'm
> stuck between a rock and a hard place.

Apache uses getpwnam() to grab the userid and groupid for the specified
username.  For your user, the group id assigned in the user database
(/etc/password or whatever your os uses) is 1.  This is not a good thing.
You can fix it by changing the group assigned to that user in your OS user
database.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message