On 10/24/07, Grant Peel <[EMAIL PROTECTED]> wrote: > > > Joshua, > > Interesting, maybe I have always missunderstood these (suexec) conditions > (12 and 13 I think). > > > Is the directory within the Apache webspace? > > > > If the request is for a regular portion of the server, is the requested > directory within suEXEC's document root? If the request is for a UserDir, > is the requested directory within the directory configured as suEXEC's > userdir (see suEXEC's configuration options)? > Is the directory NOT writable by anyone else? > > We don't want to open up the directory to others; only the owner user may > be able to alter this directories contents. >
Those are restrictions about what kind of scripts suexec will launch. Suexec is a simple suid launcher. Once the script is launched, suexec no longer has any control over it. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]