suEXEC will only be used if the virtual host executing the CGI has a UID different than that of the main server, (This can be set through 'User/Group' directives in the relevant VirtualHost section) or if the URL to the CGI includes a ~user path.
Are you meeting those conditions? Is anything being logged to the error_log? > >Number: 741 > >Category: suexec > >Synopsis: Apache fails to find and use suexec > >Confidential: no > >Severity: serious > >Priority: medium > >Responsible: apache (Apache HTTP Project) > >State: open > >Class: sw-bug > >Submitter-Id: apache > >Arrival-Date: Mon Jun 16 05:10:00 1997 > >Originator: [EMAIL PROTECTED] > >Organization: > apache > >Release: 1.2.0 > >Environment: > Linux amethyst 2.0.29 #1 Wed Jun 11 17:14:14 BST 1997 i586 > > GCC version 2.7.2.1 > >Description: > Apache does not find or use the suexec program, even when the SUEXEC_BIN > variable > and file permissions (4711) and ownership (root) are correct. > > I have tested this by using identicle httpd.h and conf/* files for both > releases > 1.2b11 and 1.2.0. 1.2b11 works as expected, reporting > > Configuring Apache for use with suexec wrapper > > whereas 1.2.0 does not. > > A further test running a cgi script to print the output of 'id' proved that > 1.2.0 > was failing to use suexec > >How-To-Repeat: > The script I used was as follows: > > #!/bin/bash > # id.cgi > echo -e 'Content-type: text/plain\n\n' > echo `id` > > Running this script from within a users public_html directory should give the > users id, not the id of the user running the web server. > >Fix: > > >Audit-Trail: > >Unformatted: >
