httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gordon Thagard <gor...@eng.fsu.edu>
Subject [users@httpd] suEXEC question
Date Tue, 25 Oct 2005 19:50:31 GMT
Hello All,

I'm unclear as to how one part of suEXEC works. Specifically, I'm 
refering to the documentation located at 
http://httpd.apache.org/docs/1.3/suexec.html#usage:

*User directories:*
The suEXEC wrapper can also be used to execute CGI programs as the user 
to which the request is being directed. This is accomplished by using 
the "*|~|*" character prefixing the user ID for whom execution is 
desired. The only requirement needed for this feature to work is for CGI 
execution to be enabled for the user and that the script must meet the 
scrutiny of the security checks 
<http://httpd.apache.org/docs/1.3/suexec.html#model> above.

After reading the security checks list it seems somewhat clear that only 
the apache (perhaps the "nobody" user, as that's how I've set mine) user 
can execute cgi or PHP code. I want users to be able to authenticate and 
then be able to:

a. change passwords
b. turn off/on vacation via /usr/local/bin/vacation
c. turn off/on spam filtering via adding/removing a pre-written 
.mailfilter file into/out of the user's home directory

Is this possible via the User directories usage description above or is 
there another way or no way using Apache?

Thanks to any and all who may be of assistance.

Cheers,

Gordon Thagard

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message