Re: [users@httpd] Running PHP as CGI without Shebang

Thu, 01 Jun 2006 01:34:20 -0700 

Hi
I recognize this method from the manuals i've read. I think i've tried this before but failed because of suExec. I'm thinking suexec does not allow the users to execute this program.cgi file which is owned by root. Is there a way around this in suexec and still keep the functionality of suexec that does not allow users to execute other files not owned by their user and group? 


I'm sorry but i think i replied to the wrong e-mail the first time. I'm 
sorry if this gets posted twice.




Med vänliga hälsningar

Stefan Midjich aka nocturnal
[Swehack] http://swehack.se


Joshua Slive wrote:

On 5/31/06, nocturnal <[EMAIL PROTECTED]> wrote:

Hi

I've tried a few alternative solutions but i can't remember if a global
ScriptAlias was one of them. Possibly only a global Alias. I will try it
as soon as i get some time for it.

The configuration is as follows in each vhost.

  AddHandler php-v4 .php
  Action php-v4 /cgi-bin/program.cgi

This forces each vhost to have a program.cgi which is a copy of the php
binary interpreter. This is in the <Directory> section of each vhost.
The section also contains ExecCGI in Options.


Well, you shouldn't need any of that.  You should only need the
following in a global (not vhost) section:

AddHandler php-v4 .php
Action php-v4 /cgi-global/program.cgi
ScriptAlias /cgi-global /full/path/to/global/cgi-bin
and possibly a <Directory /full/path/to/global/cgi-bin> allowing
access depending on the permissions of parent directories.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]























					Reply via email to