Hi Jonas, 2018-05-10 0:59 GMT+02:00 Jonas Meurer <jo...@freesources.org>: > > > Thanks a ton. I'm still not 100% sure whether I do it the right way, but > it occurs to me as if I just discovered two bugs in Apache2 suExec that > make crazy workarounds necessary. > > What do you think? >
Sorry for the lag in answering. I reviewed a bit the code and found out that this is a pretty common use case (looking for AP_USERDIR_SUFFIX and suexec in Google revealed a ton of material). suexec is compiled separately from httpd, since as you can see from the source it gets a main() by itself. This means that whatever you set in the httpd's config will not affect AP_USERDIR_SUFFIX, that is a parameter compiled with suexec (you can tune it using httpd's configure though at build time, but once you create the suexec binary it is done). As far as I can see there are suexec variant's shipped with some distributions that allow a suexec config file, but I don't have a lot of experience with systems like these. In this list there should be people running into the same issue that you encountered, let's see if another ping triggers some answers :) Hope that helps! Luca
