Date: Wed, 1 Apr 1998 09:44:14 -0600 From: "Scot W. Hetzel" <hetzels@westbend.net> To: "Dean Hollister" <dean@odyssey.apana.org.au> Cc: <freebsd-isp@FreeBSD.ORG> Subject: Re: suexec error Message-ID: <009e01bd5d85$065047c0$c3e0d9cf@admin.westbend.net>
next in thread | raw e-mail | index | archive | help
From: Dean Hollister <dean@odyssey.apana.org.au> >On Wed, 1 Apr 1998, Scot W. Hetzel wrote: > >> The files/Makefile redefines this to user "www", thus the server should be >> changed to run as this user in the config file. If this isn't what your >> server runs as then you need to change it here, before you build the port. > >The fp install script sets the owners to what you want anyway... > >> This gets redefined to "public_html/cgi-bin" by the files/Makefile from the >> apache-fp port. This way all cgi programs are in one directory instead of >> being run from any directory under public_html. > >CGI Scripts still run as root regardless... > Who owns the public_html and public_html/cgi-bin directories, it should be the user. If root owns them, then scripts will be run as root. In a previous message: >However, upon installing the recompiled version, all cgi ran as root - a >definite security no-no. So, I compiled the standalone version of suexec >which works correctly. What standalone version? the one in apache*/support (before / after the patches have been applied), or the one located on the web page. Scot To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?009e01bd5d85$065047c0$c3e0d9cf>