RE: Apache VirtualDocumentRoot
Hi! I think that mod_rewrite or mod_vhosts_alias can do that. take a look at http://modules.apache.org cheers Marcelo Gulin - Original Message - From: Russell Coker [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, May 02, 2001 5:35 AM Subject: Apache VirtualDocumentRoot Here is my Apache VirtualDocumentRoot setting: VirtualDocumentRoot /www/%-1/%-2/%-3/%-4+ Now for URLs such as http://company.com/; this will be expanded to /www/com/company/_/_/ ! Currently I am putting sym-links from _ to . in the directories /www/com/company/ but this is a real hack. Does anyone know of a good way of doing this in Apache? -- http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/projects.html Projects I am working on http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
RE: Apache VirtualDocumentRoot
Hi! I think that mod_rewrite or mod_vhosts_alias can do that. take a look at http://modules.apache.org cheers Marcelo Gulin - Original Message - From: Russell Coker [EMAIL PROTECTED] To: debian-isp@lists.debian.org Sent: Wednesday, May 02, 2001 5:35 AM Subject: Apache VirtualDocumentRoot Here is my Apache VirtualDocumentRoot setting: VirtualDocumentRoot /www/%-1/%-2/%-3/%-4+ Now for URLs such as http://company.com/; this will be expanded to /www/com/company/_/_/ ! Currently I am putting sym-links from _ to . in the directories /www/com/company/ but this is a real hack. Does anyone know of a good way of doing this in Apache? -- http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/projects.html Projects I am working on http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
RE: Apache and multiple virtual domains
Hi! However, PHP is still run under the webserver's UID, correct? The only workaround is the run PHP in cgi version...? Yes. You need the CGI version I think Because you need to use the suEXEC wrapper, which is bit SUID, to execute programs under other UIDs (not nobody or httpd) hope it helps. cheers marcelo gulin Jason - Original Message - From: Marcelo Gulin [EMAIL PROTECTED] To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Saturday, April 28, 2001 6:13 PM Subject: RE: Apache and multiple virtual domains Hi! You can use suEXEC mechanism to do that job. suEXEC wrapper allow run CGI SSI under different UIDs cheers marcelo gulin - Original Message - From: Marcel Hicking [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, April 27, 2001 3:44 AM Subject: Re: Apache and multiple virtual domains What I want to do is have multiple virtual hosts with each virtual host having a different UID for running CGI-BIN scripts. http://cgiwrap.unixtools.org/ CGIWrap is a gateway program that allows general users to use CGI scripts and HTML forms without compromising the security of the http server. Scripts are run with the permissions of the user who owns the script. In addition, several security checks are performed on the script, which will not be executed if any checks fail. Since scripts uploaded via FTP will be owned by your customers UID, they should then run under his UID. I am not sure, however, if you could get the whole apache subprocess to be run under a different UID this way, but then I am not sure if this would give additional security or other advantages. BTW. I've seen some descriptions on how to set up CGIwrap transparently so your customers whouldn't even notice CGIwrap is running. Something with setting up a handler for file extensions. Maybecheck the tips and tricks page http://cgiwrap.unixtools.org/tricks.html on this as well as for some nice mod_rewrite rules ;-) Cheers, Marcel -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] http://www.zentek-international.com http://hk.zentek-international.com http://us.zentek-international.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
RE: Apache and multiple virtual domains
Hi! However, PHP is still run under the webserver's UID, correct? The only workaround is the run PHP in cgi version...? Yes. You need the CGI version I think Because you need to use the suEXEC wrapper, which is bit SUID, to execute programs under other UIDs (not nobody or httpd) hope it helps. cheers marcelo gulin Jason - Original Message - From: Marcelo Gulin [EMAIL PROTECTED] To: [EMAIL PROTECTED]; debian-isp@lists.debian.org Sent: Saturday, April 28, 2001 6:13 PM Subject: RE: Apache and multiple virtual domains Hi! You can use suEXEC mechanism to do that job. suEXEC wrapper allow run CGI SSI under different UIDs cheers marcelo gulin - Original Message - From: Marcel Hicking [EMAIL PROTECTED] To: debian-isp@lists.debian.org Sent: Friday, April 27, 2001 3:44 AM Subject: Re: Apache and multiple virtual domains What I want to do is have multiple virtual hosts with each virtual host having a different UID for running CGI-BIN scripts. http://cgiwrap.unixtools.org/ CGIWrap is a gateway program that allows general users to use CGI scripts and HTML forms without compromising the security of the http server. Scripts are run with the permissions of the user who owns the script. In addition, several security checks are performed on the script, which will not be executed if any checks fail. Since scripts uploaded via FTP will be owned by your customers UID, they should then run under his UID. I am not sure, however, if you could get the whole apache subprocess to be run under a different UID this way, but then I am not sure if this would give additional security or other advantages. BTW. I've seen some descriptions on how to set up CGIwrap transparently so your customers whouldn't even notice CGIwrap is running. Something with setting up a handler for file extensions. Maybecheck the tips and tricks page http://cgiwrap.unixtools.org/tricks.html on this as well as for some nice mod_rewrite rules ;-) Cheers, Marcel -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] http://www.zentek-international.com http://hk.zentek-international.com http://us.zentek-international.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
RE: Apache and multiple virtual domains
Hi! You can use suEXEC mechanism to do that job. suEXEC wrapper allow run CGI SSI under different UIDs cheers marcelo gulin - Original Message - From: Marcel Hicking [EMAIL PROTECTED] To: debian-isp@lists.debian.org Sent: Friday, April 27, 2001 3:44 AM Subject: Re: Apache and multiple virtual domains What I want to do is have multiple virtual hosts with each virtual host having a different UID for running CGI-BIN scripts. http://cgiwrap.unixtools.org/ CGIWrap is a gateway program that allows general users to use CGI scripts and HTML forms without compromising the security of the http server. Scripts are run with the permissions of the user who owns the script. In addition, several security checks are performed on the script, which will not be executed if any checks fail. Since scripts uploaded via FTP will be owned by your customers UID, they should then run under his UID. I am not sure, however, if you could get the whole apache subprocess to be run under a different UID this way, but then I am not sure if this would give additional security or other advantages. BTW. I've seen some descriptions on how to set up CGIwrap transparently so your customers whouldn't even notice CGIwrap is running. Something with setting up a handler for file extensions. Maybecheck the tips and tricks page http://cgiwrap.unixtools.org/tricks.html on this as well as for some nice mod_rewrite rules ;-) Cheers, Marcel -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
