Re: SuExec on Apache
Brian McGroarty said:
> SuExec seems to be one way of running cgi as users other than
> www-data. Is this the only option? I'm curious what most do.
>
> SuExec isn't packaged so far as I can tell; is there any facility that
> might help ensure that a locally-built version is up to date? I'd hate to
> miss a security notification and leave a hole in the home system.
suexec is part of the apache package
aphro@shadow:~$ /usr/sbin/apache -l
Compiled-in modules:
http_core.c
mod_so.c
mod_macro.c
suexec: enabled; valid wrapper /usr/lib/apache/suexec
never used suexec myself though(at least not intentionally, dunno
if it's a default or not)
nate
Reply to: