I compiled apache_1.3.12 on Redhat 6.2 and compiled suEXEC in, when I
start Apache it says:
[notice] suEXEC mechanism enabled (wrapper:
/usr/local/apache/bin/suexec)
in the error file, so I know that is is stating, but suEXEC seems to be
ignoring ALL the rules it should be protecting. In Apaches docs it says
that it will not run files world writtable, or files owned by root, or
files in a world writtable directory. Well I wanted to test it and make
sure that it was working right, and it will run all scripts in under
every circumstance. Any idea what is wrong? I compiled it with these
options:
--enable-suexec
--suexec-caller=same_as_my_apache_user
--suexec-userdir=public_html
--suexec-docroot=/same_as_apache_doc_root
--suexec-logfile=/my_log_path/suexec-log
--suexec-uidmin=500
--suexec-gidmin=500
--suexec-safepath=/usr/bin:/usr/local/bin
I have only received one error in my suexec-log file on all of the files
that I run illegaly, that error was:
alert: too few arguments
Again, showing that it is running, but not protecting. I am running
virtual domains on this box, the path to the virtual domain directories
are:
/same_as_apache_doc_root/virtual_domain
I have put:
user otherUser
group otherUser
To specify a different user/group then the one that apache is running as
like it says in the docs.
Any ideas would be very helpful.
Thanks,
Phil,
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
