Re: Default Apache install not fit for multiple domains/users
"Stefan Neufeind" <stefan@neufeind.net> writes:
> But afaik you run into real problems when you try to use suexec with
> php, don't you? Or has anybody managed to get this running correctly?
> (for Apache 1.3.x !!!).
You do if you use php scripts that are parsed by the server itself.
You can use php cgi scripts with suexec without any problems.
> On 6 Jun 2003 at 17:06, Wade Richards wrote:
>
>> On 06 Jun 2003 16:15:37 PDT, Jon writes:
>> >I believe Apache would still be executing php/cgi scripts as
>> >www-data, so users could snoop on other users's scripts, session
>> >files, etc.
>> >
>> >Something like:
>> ><?php echo `ls ../neighbor/public_html`; ?>
>>
>> I suggest you look up the suEXEC Apache module, it seems to do exactly
>> what you want.
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
>
--
Ted Cabeen
Systems/Network Administrator
Impulse Internet Services
Reply to: