I would like to know if there's any PHP suexec to let user's page
running as his/her UID? Thanks.
SuEXEC can work only on CGI programs (why do we call these things CGIQuote:> Hi,
> I would like to know if there's any PHP suexec to let user's page
> running as his/her UID? Thanks.
Would it be possible, in some distant future, to tell Apache to run under
the user-owner of the virtual host? That would be most logical for me. That
would require main Apache process to be root, which does open some space for
buffer overflows. OTOH, Apache would be root for the minimal time, just
enough to determine which VirtualHost it should be and switch to it. I
realize this "minimal" time might be long from Apache's point of view.
On the other hand, Apache 2.0 has an experimental "MPM" called
"perchild" which will keep a pool of processes running under
different userids, and will pass requests to the appropriate
> That's not the real problem. The problem is that once Apache switches
> from root to the other userid, it must give up all ability to switch
> back to root. Therefore, the process would only be able to serve
> that one request before dying. This would vastly slow down the
> server, since creating new processes is very expensive.
So, will Apache 2.0 work the way I described? Can you setup something like:Quote:> On the other hand, Apache 2.0 has an experimental "MPM" called
> "perchild" which will keep a pool of processes running under
> different userids, and will pass requests to the appropriate
CustomLog /usr/users/mercury/logs/access.log common
ScriptAlias /cgi-bin/ "/usr/users/mercury/cgi-bin/"
And then all requests for http://Mercury.ev.co.yu/... would be directed to
the process with UID=mercury? And that process would be bound to serve
*that* particular virtual server?
I have a running Apache server with PHP compiled as module. Suexec
works, as I can see from my log file.
Now the problem: My PHP-script needs to create subdirs under
/usr/local/httpd/htdocs, so I tried suexec. The script is in
document_root, owner is a normal user, group and world can read and
execute, but not write. But the script does not work (mkdir - permission
denied). The user himself can create the subdirs, so I guess the script
is not run by the suexec-wrapper.
Any help greatly appreciated.