Re: Webserver with php and cgi and suexec or cgiwrap - php-cgiwrap

To: Casper Gondelach <casper@gondelach.nl>
Cc: Debian ISP list <debian-isp@lists.debian.org>
Subject: Re: Webserver with php and cgi and suexec or cgiwrap - php-cgiwrap
From: seezov@libero.it
Date: Mon, 25 Feb 2002 13:51:25 +0100 (CET)
Message-id: <[🔎] Pine.LNX.4.21.0202251351160.1241-100000@debian.mio>
In-reply-to: <[🔎] 01aa01c1bd12$d1c0a990$0200a8c0@ws>

take a look cgiwrap

On Sun, 24 Feb 2002, Casper Gondelach wrote:

> Hi there,
> 
> I am searching now for weeks to find the best way to secure my webserver. I want users to be able to run cgi and php scripts. For the securtity all the scripts have to run under there own names. All the users that may use scripts, have a virtual host.
> 
> I tried with suexec. It works perfect, no problem. But at the tot of every php script, you have to add #!/usr/bin/php, witch gives a lot of trouble to users, by example when scripts are run by webserver from outside and the same script is also included (that the line should not exist). I couldn't find with the suexec configuration how to "solve" this. Anybody has an idea.
> 
> Next thing i tried was the cgiwrapper. With a patch you can make 2, a cgiwrap and a php-cgiwrap, and then the first line isn't nesesarry anymore. Problem now, He looks after directory names, so all virtualhosts doesn't work, because he can't find the right user. 
> 
> The question now. What is the best and most secure way to solve this?
> 
> Greetings,
> 
> Casper Gondelach
> 

_____________________________________________________________

Sebastian Ezequiel Ovide

Reply to:

References:
- Webserver with php and cgi and suexec or cgiwrap - php-cgiwrap
  - From: "Casper Gondelach" <casper@gondelach.nl>

Prev by Date: Re: LSM or GRSecurity
Next by Date: Re: webhosting
Previous by thread: Webserver with php and cgi and suexec or cgiwrap - php-cgiwrap
Next by thread: ping6 bug ?
Index(es):
- Date
- Thread