Re: suEXEC witch mod_userdir
Marc Aymerich wrote:
> Hi everybody,
> We have a apache2-worker in production enviroment with 200 users,
> this users can access at their websites by domain name
> http://www.userdomani.org (virtualhost configuration) or by username
> http://www.domanin.org/~username (mod_userdir). The VirtualHost
> configuration work's perfectly, the problem is with mod_userdir,
> mod_userdir doesn't execute suEXEC and consequently the CGI's aren't
> executed by suexec :( We investigated for several days but we have
> not been able to find the problem.
Can I suggest you to have a look at "sbox-dtc" that I maintain in
Debian? This one has chroot and many limits set for your users. This
improves A LOT the security of your cgi-bin (even if you disable the
chroot feature in the config file...), and might resolve your chuid issue.