Re: php and suexec

["Grant Peel" <gpeel@xxxxxxxxxxxxx>]

Joshua,

 

Interesting, maybe I have always missunderstood these (suexec) conditions (12 and 13 I think).

 

 

    Is the directory within the Apache webspace?

1. If the request is for a regular portion of the server, is the requested directory within suEXEC's document root? If the request is for a UserDir, is the requested directory within the directory configured as suEXEC's userdir (see suEXEC's configuration options)?

2. Is the directory NOT writable by anyone else?

   We don't want to open up the directory to others; only the owner user may be able to alter this directories contents.

----- Original Message -----

From: Joshua Slive

To: users@xxxxxxxxxxxxxxxx ; Grant Peel

Sent: Wednesday, October 24, 2007 9:45 AM

Subject: Re: php and suexec

On 10/24/07, Grant Peel <gpeel@xxxxxxxxxxxxx> wrote:
>
>
> Understood,
>
> BUT suexec will not allow a script to be written to outside the users home directory ... right?
>

I have no idea what you mean with that sentence.

Suexec is very strict about what scripts it will LAUNCH. But once a
script is started, it is free to do anything that is allowed to its
user.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

---

Total Control Panel	Login
To: gpeel@xxxxxxxxxxxxx	Message Score:	50		High (60): Pass
From: users-return-76615-gpeel=thenetnow.com@xxxxxxxxxxxxxxxx	My Spam Blocking Level:	High		Medium (75): Pass
				Low (90): Pass
	Block messages from this sender (blacklist)
This message was delivered because the content filter score did not exceed your filter level.