Re: Default Apache install not fit for multiple domains/users

To: debian-security@lists.debian.org
Subject: Re: Default Apache install not fit for multiple domains/users
From: Wade Richards <wade@wabyn.net>
Date: Fri, 06 Jun 2003 17:06:20 -0700
Message-id: <[🔎] E19ORDx-0008UK-00@wabyn.net>
In-reply-to: Message from Jon <jon@tgpsolutions.com> of "06 Jun 2003 16:15:37 PDT." <[🔎] 1054941337.5604.20.camel@damocles>

On 06 Jun 2003 16:15:37 PDT, Jon writes:
>I believe Apache would still be executing php/cgi scripts as www-data,
>so users could snoop on other users's scripts, session files, etc.
>
>Something like:
><?php echo `ls ../neighbor/public_html`; ?>

I suggest you look up the suEXEC Apache module, it seems to do exactly what
you want.

    --- Wade

Reply to:

Follow-Ups:
- Re: Default Apache install not fit for multiple domains/users
  - From: Phillip Hofmeister <plhofmei@zionlth.org>
- Re: Default Apache install not fit for multiple domains/users
  - From: "Stefan Neufeind" <stefan@neufeind.net>

References:
- Re: Default Apache install not fit for multiple domains/users
  - From: Jon <jon@tgpsolutions.com>

Prev by Date: Re: Keeping files away from users - THANKS!!
Next by Date: Re: Default Apache install not fit for multiple domains/users
Previous by thread: Re: Default Apache install not fit for multiple domains/users
Next by thread: Re: Default Apache install not fit for multiple domains/users
Index(es):
- Date
- Thread