> What I want to do is have multiple virtual hosts with each virtual
> host having a different UID for running CGI-BIN scripts.
http://cgiwrap.unixtools.org/
"CGIWrap is a gateway program that allows general users to use CGI
scripts and HTML forms without compromising the security of the http
server. Scripts are run with the permissions of the user who owns the
script. In addition, several security checks are performed on the
script, which will not be executed if any checks fail."
Since scripts uploaded via FTP will be owned by your customers
UID, they should then run under his UID. I am not sure, however,
if you could get the whole apache subprocess to be run under a
different UID this way, but then I am not sure if this would
give additional security or other advantages.
BTW. I've seen some descriptions on how to set up CGIwrap
transparently so your customers whouldn't even notice
CGIwrap is running. Something with setting up a handler
for file extensions. Maybecheck the tips and tricks page
http://cgiwrap.unixtools.org/tricks.html on this as
well as for some nice mod_rewrite rules ;-)
Cheers, Marcel
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]