Moving this thread to debian-devel, where it belongs. On Sat, Nov 16, 2002 at 06:08:50PM -0500, Matt Zimmerman wrote: > /usr/lib/apache/suexec -V says: > -D DOC_ROOT="/var/www" > -D GID_MID=100 > -D HTTPD_USER="www-data" > -D LOG_EXEC="/var/log/apache/suexec.log" > -D SAFE_PATH="/usr/local/bin:/usr/bin:/bin" > -D UID_MID=100 > -D USERDIR_SUFFIX="public_html" > Most of these (like the path, logfile and UID/GID limits) seem perfectly > reasonable. However, things like DOC_ROOT and HTTP_USER and USERDIR_SUFFIX > (which are configurable in the Apache httpd configuration) seem like they > belong in a configuration file. Actually, the GID and UID settings don't seem particularly sane to me; I would expect these to both be set to 1000, since that's where system accounts end per Debian policy. -- Steve Langasek postmodern programmer
Attachment:
pgpkNXZpSVUAY.pgp
Description: PGP signature