The following reply was made to PR mod_cgi/918; it has been noted by GNATS.
From: "Tyler J. Allison" <[EMAIL PROTECTED]> To: Dean Gaudet <[EMAIL PROTECTED]> Subject: Re: mod_cgi/918: if not using suexec, apache forces user to use server gid/uid settings Date: Sat, 26 Jul 1997 23:19:49 -0700 > Wait a sec. What are the permissions on your cgiwrap files? You must > have at least the gid set to the webserver's gid... otherwise how the heck > are you executing them? Yes the gid is set to the webserver gid. > > can_exec checks essentially the same thing a call to access() would. > > Unless your cgiwrap files have uid == webserver's uid, or gid == > webserver's gid, and the appropriate x bit set. Or it has the o+x bit set > ... then you can't execute the file to begin with. Unless you're running > the webserver as root. Not running as root Let me explain a bit better... We run 2 web servers on our development box one using a cgiwrapper and one that just calls cgi programs strait out of the cgi-bin directory. The user does testing in the none wrapped directory and once it works without the wrapping we make the necessa ry file gid/uid/mode changes and put it under the cgiwrapped server for more testing. When we upgraded both of them from the latest 1.2 beta to 1.2.1 the non-wrapped server cgi-bin's broke..giving the error message produced by can_exec. I commented out that function call in the mod_cgi and everything went back to working. I assumed can _exec was a new addition...maybe I was wrong. Ill do some more testing on monday when I get in to work to make sure its the can_exec function that is causing the problem and not user error on our side. Thank you for the quick response..Ill be sure to send you an update on monday. -Tyler .-- --. | Tyler Allison | Sterling Software | Voice: (415) 604-6629 | | Network Engineer I | M/S 258-6 | Fax: (415) 604-4377 | | LAN/Security Group | NASA Ames Research Center +-----------------------+ | NAS Facility | Moffett Field, CA 94035 | [EMAIL PROTECTED] | `-- --'
