httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <jsl...@gmail.com>
Subject Re: [users@httpd] suexec in a mod_rewrite setup
Date Fri, 11 Mar 2005 13:54:43 GMT
On Fri, 11 Mar 2005 09:27:15 +0000, Gary Wilson <gwilson@plus.net> wrote:

> However, we now wish to  tighten up on security and move away from all
> users belonging to the same group (which the web server also belongs
> to), and we would like all user's (perl/php/shell etc) scripts to be
> executed as themselves so user data is better protected - for this I'd
> like to use suexec, but the problem I have is that suexec relies on the
> Suexecusergroup directive within a virtual host to work (we don't use
> userdirs).
> 
> Someone suggested to me that this isn't a problem because you can do
> variable substitution to directives in the configuration file, 

> Have I been given a bum steer here?

Yes.  That's complete garbage.

suexec is not designed for the task you are talking about.  You should
look into CGIwrap, which is a little more flexible:
http://cgiwrap.unixtools.org/

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message