Hi all,
I want to show you a little hack have written this morning. It is
something Rodolfo proposed sometime ago. Basically it about
changing the execution user of the CGIs and PHP to its owner user.
Check this out:
This is the testing script:
-rw-r--r-- 1 *1000* 1000 60 2005-12-04 21:03 user.php
===
<?php echo "I'm running under UID ".posix_geteuid()."\n"; ?>
===
1.- This is a minimum configuration to run it:
===
Port 80
DocumentRoot /var/www
Directory / { handler common }
Extension php {
handler phpcgi
}
===
And this is the output: "I'm running under UID 0".
2.- Now, lets try with the ChangeUser hack:
===
Port 80
DocumentRoot /var/www
Directory / { handler common }
Extension php {
handler phpcgi {
ChangeUser on
}
}
===
Now, the output is "I'm running under UID 1000". :-)
It is now committed into the repository.
Enjoy!
--
Greetings, alo.
_______________________________________________
Cherokee mailing list
Cherokee@lists.alobbs.com
http://www.alobbs.com/cgi-bin/mailman/listinfo/cherokee
