The following reply was made to PR mod_cgi/918; it has been noted by GNATS.
From: Dean Gaudet <[EMAIL PROTECTED]> To: "Tyler J. Allison" <[EMAIL PROTECTED]> Subject: Re: mod_cgi/918: if not using suexec, apache forces user to use server gid/uid settings Date: Sat, 26 Jul 1997 22:18:13 -0700 (PDT) Wait a sec. What are the permissions on your cgiwrap files? You must have at least the gid set to the webserver's gid... otherwise how the heck are you executing them? can_exec checks essentially the same thing a call to access() would. Unless your cgiwrap files have uid == webserver's uid, or gid == webserver's gid, and the appropriate x bit set. Or it has the o+x bit set ... then you can't execute the file to begin with. Unless you're running the webserver as root. Dean
