| I also have ASP installed, and I'd like to be able to transparently suid
| the .asp scripts too. Do you know how I could go about doing this?
I think this is a general bad idea. The only purpose of running scripts via
a suexec or setuid mechanism I can think of is to stop different users &
websites running an the same httpd digging and interfering in each other's
data and files.
As Apache::ASP is built on top of mod_perl which takes advantage of
*internally sharing & caching* as much as possible between httpd processes,
doing setuid scripts would not fix the problem.
I'm not into the gory details, but I guess what you have then is the same
access to the same data as before, you just have another uid. So for disk
i/o this is ok, but to shield users from messing up each others mod_perl
namespace in case they have a bad coding style, this is useless.
If you're not trusting the people making websites and you're looking for a
virtual hosting solution, I think some postings earlier this week about
proxying requests to a user-dedicated apache listening on localhost is the
best solution.
Ime
