mod_php bug?

To: debian-security@lists.debian.org, debian-isp@lists.debian.org
Subject: mod_php bug?
From: Michal Novotny <debian@prolidi.cz>
Date: Mon, 15 Apr 2002 15:56:48 +0200
Message-id: <[🔎] 4664.020415@prolidi.cz>

Hi!

I found something interesting in mod_php.

When  you  use  safe_mod  on  and  User  user1 and Group group1 in the
VirtualHost definition, then this you get:
1. running script test.php (made dir Test and file Test.log inside, log
   something to it)
2. running script test.php (dir  and file already made, but cannot log
   something in it)

ad 1) made dir and file with www-data.www-data permissions
ad 2) SAFE MODE Restriction in effect.  The script whose uid is 1002 is
 not  allowed to access /home/user1/data/Test/Test.log owned by uid 33
 in /home/user1/www/test.php on line 2

So, finally it uses User directive or not? Globally is User www-data.
 
Is it bug or what? Can I do something wrong?
 
Regards
Michal Novotny



-- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: mod_php bug?
  - From: "SDiZ \(UHome\)" <sdiz@uhome.net>

Prev by Date: Re: Key servers
Next by Date: Re: Key servers
Previous by thread: Re: Key servers
Next by thread: Re: mod_php bug?
Index(es):
- Date
- Thread