On 9/14/06, Yves Dorfsman <yves@xxxxxxxxx> wrote:
Anybody has any idea if it's possible to do something like: SuexecUserGroup $REMOTE_USER agroup What I'm trying to do, is have the CGIs executed with the uid of the authenticating user, but everybody will be using the same script, and the same URL. I've googled for it, and there are hints that people are doing this out there, but no example of configuration (the one above is of course completely invalid). On one page one guy's saying that he re-wrote su-exec to be able to do all sort of things... but I really want to stay as close to vanilla as possible.
No, this is not possible and not wise. You would need to strip away the most important security protections of suexec to do this. If you really need this, look into sudo, which could be used in conjunction with suexec or in an ordinary cgi script. But watch out. You could easily create massive security wholes if you don't know what you are doing. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|