>Number: 4078 >Category: suexec >Synopsis: a small patch to enable suexec in non-userdirs and non-vhosted >directories >Confidential: no >Severity: non-critical >Priority: medium >Responsible: apache >State: open >Class: change-request >Submitter-Id: apache >Arrival-Date: Wed Mar 17 13:00:01 PST 1999 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.3.4 >Environment: Linux 2.2.3, AIX 4.2 and 4.3, HPUX 10.10, FreeBSD 2.2.8 Stable >Description: We have put together a small patch to enable suexec to work anywhere in the document root. It works by specifying a default CGIUser and CGIGroup for the document root (these are the only directive changes, I promise). With FileInfo and EXECCGI enabled for the document root, users can then create a cgi bin simply by putting the following in an htaccess file... CGIUser "userid" CGIGroup "group" defaultType application/x-httpd-cgi
The execution is still subject to all of suexec's paranoia checks and the only things that are changed are in mod_cgi.c and util_script.c. The patch can be found at http://www.louisville.edu/~khhaga01/apache.patch Just in case it is anything of interest. The changes to util_script.c were simply the best way I could think to do it at the time. >How-To-Repeat: >Fix: >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include <[EMAIL PROTECTED]> in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ] [If you do not include this Cc, your reply may be ig- ] [nored unless you are responding to an explicit request ] [from a developer. ] [Reply only with text; DO NOT SEND ATTACHMENTS! ]
