On Fri, 11 Mar 2005 09:27:15 +0000, Gary Wilson <gwilson@xxxxxxxx> wrote: > However, we now wish to tighten up on security and move away from all > users belonging to the same group (which the web server also belongs > to), and we would like all user's (perl/php/shell etc) scripts to be > executed as themselves so user data is better protected - for this I'd > like to use suexec, but the problem I have is that suexec relies on the > Suexecusergroup directive within a virtual host to work (we don't use > userdirs). > > Someone suggested to me that this isn't a problem because you can do > variable substitution to directives in the configuration file, > Have I been given a bum steer here? Yes. That's complete garbage. suexec is not designed for the task you are talking about. You should look into CGIwrap, which is a little more flexible: http://cgiwrap.unixtools.org/ Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|