Bug#528062: Supplied patch breaks working installations with php and suexec
Hi,
I tested the patch for a Lenny server with quite some public_html
UserDirs - I suspect that my observations also apply to Squeeze.
The behavior of our configuration with the default Apache packages is
that normal CGI scripts in public_html dirs are running under the owners
uid, while php scripts are executed as www-data. We don't use fcgid.
Our desired behavior would be that CGI scripts as well as PHP scripts
run under the owners uid. This can be quite easily setup with suphp, but
a solution that only requires suexec would be nice.
With the supplied patch PHP scripts are run under the owners uid *if and
only if* the php binary is copied to every public_html dir that contains
php scripts, symlinking does not seem to work here.
Also mod_action has to be configured correctly (which I did not figure
out yet for *many* userdirs).
Without further action the patch completely breaks PHP script execution
(Error 500) beneath user dirs when suexec is enabled.
IMHO it is far from production ready. For only few different users it is
rather simple to set up different vhosts with explicit SuexecUserGroup
configs that will give you the same results.
Just my ¢ 2,
Christopher
Reply to: