Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 1 Apr 1998 09:44:14 -0600
From:      "Scot W. Hetzel" <hetzels@westbend.net>
To:        "Dean Hollister" <dean@odyssey.apana.org.au>
Cc:        <freebsd-isp@FreeBSD.ORG>
Subject:   Re: suexec error
Message-ID:  <009e01bd5d85$065047c0$c3e0d9cf@admin.westbend.net>

next in thread | raw e-mail | index | archive | help
From: Dean Hollister <dean@odyssey.apana.org.au>

>On Wed, 1 Apr 1998, Scot W. Hetzel wrote:
>
>> The files/Makefile redefines this to user "www", thus the server should
be
>> changed to run as this user in the config file.  If this isn't what your
>> server runs as then you need to change it here, before you build the
port.
>
>The fp install script sets the owners to what you want anyway...
>
>> This gets redefined to "public_html/cgi-bin" by the files/Makefile from
the
>> apache-fp port. This way all cgi programs are in one directory instead of
>> being run from any directory under public_html.
>
>CGI Scripts still run as root regardless...
>
Who owns the public_html and public_html/cgi-bin directories, it should be
the user. If root owns them, then scripts will be run as root.

In a previous message:
>However, upon installing the recompiled version, all cgi ran as root - a
>definite security no-no. So, I compiled the standalone version of suexec
>which works correctly.

What standalone version? the one in apache*/support (before / after the
patches have been applied), or the one located on the web page.

Scot



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?009e01bd5d85$065047c0$c3e0d9cf>