httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <>
Subject Re: [users@httpd] changing suexec settings
Date Tue, 02 Dec 2003 18:21:17 GMT

On Mon, 1 Dec 2003 wrote:

> The idea occurred to me as you can see in my original e-mail.
> It just strikes me that it seems there isn't a more flexible and less time
> consuming way to change the suexec settings without having to re-install
> the entire apache in a dummy directory. Although security should not be
> taken lightly, the current way to modify the suexec settings is kind of
> inflexible.

As has been pointed out, you don't need to reinstall apache.  You only
need to recompile and then pick the suexec binary out of the support/

suexec is a suid root binary.  This is about the most dangerous type of
program that you can run.  It is therefore inflexible *by design* to
prevent bad things from happening.

Unfortunately, flexibility and security are sometimes inversely related.
And with suexec, security must win.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message