Re: [users@httpd] DirectoryIndex /mybin/myindex.cgi

On Fri, 09 Sep 2005 11:51, Joshua Slive wrote:
>
> Just remove the suid bit from the suexec binary (or rename it) and
> then restart apache.

Will do. Now I need to find it .... looking, ok there it is. Problem solved. 
Now, it looks like the script has /srv/www/cgi-bin as its cwd. They are not
making it easy for DirectoryIndex to be useful. At least $REQUEST_URI 
contains the facts I need.

> I dislike the fact that distributors activate [suexec] by default.

I dislike the fact that distributors like to follow different standards for 
locations. Standards are so good; there should be more of them! RedHat in 
particular stubbornly puts the document root in somewhere/html but my fingers 
insist on typing cd somewhere/htdocs.

> I don't think this is a fixable issue.  You can't combine global CGIs
> with userdir requests.  That's part of suexec's security features.
> What you want is simply to not use suexec for these requests, but
> making an exception like that could be very dangerous.

I'm still not discounting the possibility that I've misunderstood one of 
suexec's many rules for Proper Usage, but it's more important that I move on 
right now. And, since I do not have a need for suexec, I can wait until there 
is a need before re-examining its issues.

Thanks for your help. I can now move on after 3 evenings wasted doing homework 
on this subject. This is why I need to build toy servers; the web isn't going 
to go away, so you may as well become its master.

Cheers

PS - apologies for the stupid corporate signature. I'm working on subverting 
it from my new machine.
-- 
corporate signatures suck.

This email is from Civica Pty Limited and it, together with any 
attachments, is confidential to the intended recipient(s) and the 
contents may be legally privileged or contain proprietary and private 
information. It is intended solely for the person to whom it is 
addressed. If you are not an intended recipient, you may not review, 
copy or distribute this email. If received in error, please notify the 
sender and delete the message from your system immediately. Any views 
or opinions expressed in this email and any files transmitted 
with it are those of the author only and may not necessarily reflect 
the views of Civica and do not create any legally binding rights or 
obligations whatsoever. Unless otherwise pre-agreed by exchange of hard 
copy documents signed by duly authorised representatives, contracts may 
not be concluded on behalf of Civica by email. Please note that neither 
Civica nor the sender accepts any responsibility for any viruses and it 
is your responsibility to scan the email and the attachments (if any). 
All email received and sent by Civica may be monitored to protect the 
business interests of Civica. 



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
