Re: enabling suexec with debian apache [solved]

To: Robert Varga <robi@piros.zold.net>
Cc: Marko Cehaja <marko@magikomik.de>, Debian User List <debian-user@lists.debian.org>
Subject: Re: enabling suexec with debian apache [solved]
From: Adam Shand <larry@alaska.net>
Date: Mon, 21 Feb 2000 11:24:26 -0900 (AKST)
Message-id: <[🔎] Pine.LNX.4.21.0002211121250.32698-100000@heyzeus.alaska.net>
In-reply-to: <[🔎] Pine.LNX.3.96.1000221184027.13373D-100000@piros.zold.net>

> It is the way it is supposed to be. 

is there a something in the docs i missed explaining that this is what needs
to be done? it took me a very frustrating hour to figure this out.  if not
it should be submitted as a documentation bug, right?

> With suEXEC enabled, cgi-s run setuid-ed, which is always a risky thing,
> so it should be done on the administrator's explicit statement, hence
> the need for enabling suEXEC manually.

well, they run suid'd to the user which is a whole lot less risky then
having them run as the user that the web server runs as.  i agree that
having another suid root binary is always a bad thing but suexec is kinda
pointless with out it, and it's a major security boon.

adam.

Reply to:

Follow-Ups:
- Re: enabling suexec with debian apache [solved]
  - From: Robert Varga <robi@piros.zold.net>

References:
- Re: enabling suexec with debian apache [solved]
  - From: Robert Varga <robi@piros.zold.net>

Prev by Date: Re: mouse with gpm and X
Next by Date: pop3 NAT problem?
Previous by thread: Re: enabling suexec with debian apache [solved]
Next by thread: Re: enabling suexec with debian apache [solved]
Index(es):
- Date
- Thread