httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From nocturnal <noctur...@swehack.se>
Subject Re: [users@httpd] Running PHP as CGI without Shebang
Date Thu, 01 Jun 2006 08:29:56 GMT
Hi

I recognize this method from the manuals i've read. I think i've tried 
this before but failed because of suExec. I'm thinking suexec does not 
allow the users to execute this program.cgi file which is owned by root. 
Is there a way around this in suexec and still keep the functionality of 
suexec that does not allow users to execute other files not owned by 
their user and group?



Med vänliga hälsningar

Stefan Midjich aka nocturnal
[Swehack] http://swehack.se


nocturnal wrote:
> Hi
> 
> I've tried a few alternative solutions but i can't remember if a global 
> ScriptAlias was one of them. Possibly only a global Alias. I will try it 
> as soon as i get some time for it.
> 
> The configuration is as follows in each vhost.
> 
>  AddHandler php-v4 .php
>  Action php-v4 /cgi-bin/program.cgi
> 
> This forces each vhost to have a program.cgi which is a copy of the php 
> binary interpreter. This is in the <Directory> section of each vhost. 
> The section also contains ExecCGI in Options.
> 
> 
> 
> Med vänliga hälsningar
> 
> Stefan Midjich aka nocturnal
> [Swehack] http://swehack.se
> 
> 
> Joshua Slive wrote:
>> On 5/31/06, nocturnal <nocturnal@swehack.se> wrote:
>>> Hi
>>>
>>> I've managed to configure my vhosts to run PHP as CGI without the need
>>> for a Shebang and 755 permissions on PHP script files. The only problem,
>>> a big problem in my opinion, is that i need to create a cgi-bin
>>> directory in each vhosts web root directory and place a copy of the php
>>> binary interpreter file in that directory. I do this because the users
>>> are not allowed to execute things outside of their web root directory. I
>>> would like to know other possible solutions to this that don't require
>>> me to keep a large file in every users directory which not only adds to
>>> that users file system quota but also is at risk of being removed or
>>> altered by the user herself.
>>>
>>> Thank you in advance for any help. I would love it if you could share
>>> your experiences of multiple solutions to this, even if they, in your
>>> opinions, have flaws.
>>
>> It would help if you showed the config you are using.  I would think
>> that a global ScriptAlias (outside any <VirtualHost> section) could
>> easily do what you want.
>>
>> Joshua.
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server 
>> Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message