Hi,My configuration has a single VirtualHost serving all of the websites. I'm using suphp so that cgi scripts are executed as the owner of the file. In my VirtualHost I do this:
AddHandler x-suphp-cgi .cgi .plI want to give people access to use mod_rewrite from .htaccess files, but in order to do that I need to add "AllowOverride FileInfo" to a <Directory>. However, if I do that, it also gives them access to use SetHandler/AddHandler in .htaccess. If they can use those directives, then they can override my suphp configuration and stick this in their .htaccess file:
AddHandler cgi-script .cgi .plThat then makes their scripts run as the apache user, which is what I'm trying to avoid... Any ideas?
-- Mike Cardwell - IT Consultant and LAMP developer Cardwell IT Ltd. (UK Reg'd Company #06920226) http://cardwellit.com/ --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|