On 10/24/07, Grant Peel <gpeel@xxxxxxxxxxxxx> wrote: > > > Joshua, > > Interesting, maybe I have always missunderstood these (suexec) conditions (12 and 13 I think). > > > Is the directory within the Apache webspace? > > > > If the request is for a regular portion of the server, is the requested directory within suEXEC's document root? If the request is for a UserDir, is the requested directory within the directory configured as suEXEC's userdir (see suEXEC's configuration options)? > Is the directory NOT writable by anyone else? > > We don't want to open up the directory to others; only the owner user may be able to alter this directories contents. > Those are restrictions about what kind of scripts suexec will launch. Suexec is a simple suid launcher. Once the script is launched, suexec no longer has any control over it. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|