Re: Wrapping CGI and PHP Scripts

To: Anand Atreya <me@anandatreya.com>
Cc: Jason Lim <maillist@jasonlim.com>, <debian-isp@lists.debian.org>
Subject: Re: Wrapping CGI and PHP Scripts
From: Dan MacNeil <omacneil@brave.cs.uml.edu>
Date: Wed, 2 Jul 2003 21:40:05 -0400 (EDT)
Message-id: <[🔎] Pine.LNX.4.44.0307022139490.8610-100000@brave.cs.uml.edu>
In-reply-to: <[🔎] 001301c34103$3bd5f1d0$0301a8c0@ANANDATREYA>

We use the shbang...

On Wed, 2 Jul 2003, Anand Atreya wrote:

> Any recommendations on how to do this with PHP - without needing the
> #!/bin/sh
> echo DEFANGED.0
> exit
> #!/usr/bin/php at the top and without using PHP Safe mode - which is a lame
> workaround...?
>
> -- Anand
>
> ----- Original Message -----
> From: "Dan MacNeil" <omacneil@brave.cs.uml.edu>
> To: "Jason Lim" <maillist@jasonlim.com>
> Cc: "Anand Atreya" <me@anandatreya.com>; <debian-isp@lists.debian.org>
> Sent: Wednesday, July 02, 2003 9:33 PM
> Subject: Re: Wrapping CGI and PHP Scripts
>
>
> >
> > > If only this could be in a configuration file..........
> >
> > What is worse is that every time there is a security patch for apache, we
> > break our hand compiled suexec....
> >
> > On Thu, 3 Jul 2003, Jason Lim wrote:
> >
> > >
> > >
> > > >
> > > > >Does anyone know what the default document
> > > > >root is for the Debian configuration of suexec?
> > > >
> > > > /var/www/
> > > >
> > > > To change the document root of suexec you need to recompile suexec
> see:
> > > >
> > > > http://communitysoftwarelab.org/sys/project.d/suexec.d/install.txt
> > >
> > >
> > > If only this could be in a configuration file..........
> > >
> > >
> > > >
> > > > ###############
> > > > On Wed, 2 Jul 2003, Anand Atreya wrote:
> > > >
> > > > > Hi,
> > > > >
> > > > >     I have just recently begun using Debian and am in the process of
> > > > > migrating a FreeBSD 4.4 server over to it.  This server had many
> > > different
> > > > > users and allowed them to execute CGI and PHP scripts in their
> > > public_html
> > > > > folder (or any folder under it) as their own user, not as the user
> of
> > > the
> > > > > webserver, using mod_cgiwrap and mod_phpcgiwrap (from Steven
> > > Haryanto).  The
> > > > > site where this was located
> > > > > (http://steven.haryan.to/mod_cgiwrap/mod_cgiwrap.html) no longer
> > > exists, and
> > > > > in hindsight, it seems as if mod_cgiwrap was not a very secure
> > > solution to
> > > > > begin with.
> > > > >     Does anybody have any recommendations on how to set up a virtual
> > > hosting
> > > > > Apache server such that users can have CGI and PHP scripts execute
> as
> > > > > themselves, without having to put #!/usr/bin/php at the top of php
> > > scripts,
> > > > > and that is completely transparent to the user, also allowing them
> to
> > > place
> > > > > scripts anywhere in their document root?
> > > > >     (I have tried using suexec as it is installed with the Debian
> > > Apache
> > > > > package, but when I tried to execute a script in a virtual host, not
> > > using
> > > > > the www.domain.com/~username address, it did not execute the script,
> > > saying
> > > > > it was not in the document root.  Does anyone know what the default
> > > document
> > > > > root is for the Debian configuration of suexec?)
> > > > >
> > > > > Thanks a lot.
> > > > > -- Anand Atreya
> > > > >
> > > > >
> > > > >
> > > >
> > > >
> > > > --
> > > > To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
> > > > with a subject of "unsubscribe". Trouble? Contact
> > > listmaster@lists.debian.org
> > > >
> > > >
> > >
> >
>

Reply to:

References:
- Re: Wrapping CGI and PHP Scripts
  - From: "Anand Atreya" <me@anandatreya.com>

Prev by Date: Re: Wrapping CGI and PHP Scripts
Next by Date: Re: Open Relay Testing
Previous by thread: Re: Wrapping CGI and PHP Scripts
Next by thread: Re: Wrapping CGI and PHP Scripts
Index(es):
- Date
- Thread