mod_php bug?
Hi!
I found something interesting in mod_php.
When you use safe_mod on and User user1 and Group group1 in the
VirtualHost definition, then this you get:
1. running script test.php (made dir Test and file Test.log inside, log
something to it)
2. running script test.php (dir and file already made, but cannot log
something in it)
ad 1) made dir and file with www-data.www-data permissions
ad 2) SAFE MODE Restriction in effect. The script whose uid is 1002 is
not allowed to access /home/user1/data/Test/Test.log owned by uid 33
in /home/user1/www/test.php on line 2
So, finally it uses User directive or not? Globally is User www-data.
Is it bug or what? Can I do something wrong?
Regards
Michal Novotny
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: