Date: Sun, 04 Jan 2004 19:44:05 -0500 From: Marty Landman <MLandman@face2interface.com> To: freebsd-questions@freebsd.org Cc: freebsd-questions@freebsd.org Subject: Re: starting daemons at server start Message-ID: <6.0.0.22.0.20040104193550.034d8ae0@pop.face2interface.com> In-Reply-To: <44hdzbtf99.fsf@be-well.ilk.org> References: <6.0.0.22.0.20040104142759.1111d578@pop.face2interface.com> <20040104230340.93160.qmail@web14524.mail.yahoo.com> <6.0.0.22.0.20040104182413.02d37b50@pop.face2interface.com> <44hdzbtf99.fsf@be-well.ilk.org>
next in thread | previous in thread | raw e-mail | index | archive | help
At 07:23 PM 1/4/2004, Lowell Gilbert wrote: >I'm not an expert at Apache, exactly, but I can tell that you need to be >more specific about the changes you're making, and why, before anybody can >help you find a way to avoid doing that. As I understand it, Apache provides a module called suexec to allow cgi's to run as the user that owns the directory. Without suexec cgi's run as the httpd owner which is typically a 'nobody' user with highly restricted permissions. So to allow e.g. mypgm.cgi default permission to write to a file in /mnt/web/guide/guido (user Guido's root) with a chmod of 644 Apache must be recompiled with suexec enabled. I failed at my attempt to do this and didn't want to keep plugging away so have just chmod'd my (local intranet) root directories to 777. It's a lousy kluge but it does permit me to keep working. >A lot of workarounds tend to be just as much of a security concern as >suexec is itself. Not sure security's an issue on my intranet, but inevitably working improperly will lead to improper results and security issues on the production server. Marty Landman Face 2 Interface Inc 845-679-9387 Sign On Required: Web membership software for your site Make a Website: http://face2interface.com/Home/Demo.shtml
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6.0.0.22.0.20040104193550.034d8ae0>