Hi all, I want to show you a little hack have written this morning. It is something Rodolfo proposed sometime ago. Basically it about changing the execution user of the CGIs and PHP to its owner user. Check this out:
This is the testing script: -rw-r--r-- 1 *1000* 1000 60 2005-12-04 21:03 user.php === <?php echo "I'm running under UID ".posix_geteuid()."\n"; ?> === 1.- This is a minimum configuration to run it: === Port 80 DocumentRoot /var/www Directory / { handler common } Extension php { handler phpcgi } === And this is the output: "I'm running under UID 0". 2.- Now, lets try with the ChangeUser hack: === Port 80 DocumentRoot /var/www Directory / { handler common } Extension php { handler phpcgi { ChangeUser on } } === Now, the output is "I'm running under UID 1000". :-) It is now committed into the repository. Enjoy! -- Greetings, alo. _______________________________________________ Cherokee mailing list Cherokee@lists.alobbs.com http://www.alobbs.com/cgi-bin/mailman/listinfo/cherokee