I agree, that apache2-suexec seems pretty broken out of the box. There are
some decent hints in this howto:
*
http://www.unixguru.biz/howto-apache2-suexec-php5-and-fastcgi-for-virtual-domains/
** Changed in: apache2 (Ubuntu)
Status: New = Triaged
--
suexec should be configured to use
Using /home as suexec docroot is a big no-no from a security point of
view. It will create local privilege escalation vulnerabilities in many
situations. If you don't want to use /var/www you should probably use
directories under /srv.
In any case, the above howto is outdated. Nowadays there is
Stefan, thanks for the information, that looks like a much better way to
handle this. :)
--
suexec should be configured to use /home as its docroot
https://bugs.launchpad.net/bugs/629633
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to
