[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [users@httpd] Re: mod_suexec with mod_userdir and fcgid (webapps in subdirs with separated user context)

Hi Jonas,

2018-05-10 0:59 GMT+02:00 Jonas Meurer <jonas@xxxxxxxxxxxxxxx>:

Thanks a ton. I'm still not 100% sure whether I do it the right way, but
it occurs to me as if I just discovered two bugs in Apache2 suExec that
make crazy workarounds necessary.

What do you think?

Sorry for the lag in answering. I reviewed a bit the code and found out that this is a pretty common use case (looking for AP_USERDIR_SUFFIX and suexec in Google revealed a ton of material). suexec is compiled separately from httpd, since as you can see from the source it gets a main() by itself. This means that whatever you set in the httpd's config will not affect AP_USERDIR_SUFFIX, that is a parameter compiled with suexec (you can tune it using httpd's configure though at build time, but once you create the suexec binary it is done). As far as I can see there are suexec variant's shipped with some distributions that allow a suexec config file, but I don't have a lot of experience with systems like these.

In this list there should be people running into the same issue that you encountered, let's see if another ping triggers some answers :)

Hope that helps!