The following reply was made to PR suexec/946; it has been noted by GNATS.

From: Marc Slemko <[EMAIL PROTECTED]>
To: Ronny Cook <[EMAIL PROTECTED]>
Subject: Re: suexec/946: The "User" directive fails for virtual hosts where the user differs from that for the main server.
Date: Sat, 2 Aug 1997 14:14:38 -0600 (MDT)
On Fri, 1 Aug 1997, Ronny Cook wrote:

> The suexec documentation includes a paragraph which says:
>
> ] One way to use suEXEC is through the User and Group directives in
> ] VirtualHost definitions. By setting these directives to values different
> ] from the main server user ID, all requests for CGI resources will be
> ] executed as the User and Group defined for that <VirtualHost>. If only
> ] one or neither of these directives are specified for a <VirtualHost>
> ] then the main server userid is assumed.
>
> I took this to mean that I could use "User" and "Group" to enable suexec
> for particular hosts by compiling suexec to use one particular UID (in our
> case it's "cgiwrap") then using the User directive to force suexec to work
> only when a particular virtual host is being accessed. This doesn't work,
> basically because the *User* directive doesn't work (for virtual hosts). As
> nearly as I can tell, the User directive doesn't work because requests are
> farmed out to subservers which are already running under a non-root UID.
>
> It could be a documentation bug rather than a program bug, I suppose, but
> if so that begs the question of what is the server *supposed* to be doing
> with the User directive?

No, that is not the way things should work and I don't really see that being implied by the above docs.

Apache will never setuid() after its initial change to the user specified by the main User directive (if started as root; if not started as root, it will never setuid() at all). To use suexec, suexec _needs_ to be setuid root so it can setuid() to the appropriate user. That is the whole point of suexec; Apache does not run as root because that is a huge security risk, so it can't setuid(). That means suexec is the one that has to do that.
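The reply's point is that the uid change happens in the suexec binary, not in Apache, so the thing to verify on a server is that suexec is installed setuid root. The following is an added example (not code from the PR thread, from Marc Slemko, or from the Apache project) that checks exactly that. The install path `/usr/local/apache/sbin/suexec` is an assumed default; `suexec_perm_ok` parses one `ls -l` style line so the logic can be exercised on constructed lines without a real root-owned setuid file.

```shell
#!/bin/sh
# Added example, not part of the original PR reply.
# suexec_perm_ok takes one "ls -l" style line and returns:
#   0  owner is root and the setuid bit is set with owner-execute ('s')
#   2  owner is root and setuid is set but owner-execute is clear ('S'),
#      so the binary cannot be executed at all
#   1  anything else (not setuid, or not owned by root)
suexec_perm_ok() {
    mode=$(printf '%s\n' "$1" | awk '{print $1}')
    owner=$(printf '%s\n' "$1" | awk '{print $3}')
    case "$mode" in
        ???s*|???S*) ;;              # setuid bit present in the owner-execute slot
        *) return 1 ;;               # plain executable: Apache's uid is all it gets
    esac
    [ "$owner" = "root" ] || return 1   # setuid to a non-root owner cannot switch users
    case "$mode" in ???S*) return 2 ;; esac
    return 0
}

# check_suexec runs the check against a path on disk.
# The default path is an assumption, not a value from the PR.
check_suexec() {
    path=${1:-/usr/local/apache/sbin/suexec}
    [ -e "$path" ] || { echo "$path: not found" >&2; return 1; }
    line=$(ls -ld "$path")
    if suexec_perm_ok "$line"; then
        echo "$path: setuid root; suexec can setuid() to the per-host user"
        return 0
    else
        echo "$path: NOT setuid root; CGIs will keep running as the main server user" >&2
        return 1
    fi
}

# Usage: check_suexec [path-to-suexec]
```

Run `check_suexec` (optionally with the real install path) after building Apache with suexec enabled; a failing check means the User/Group values in a VirtualHost will be ignored for CGI execution, which is the symptom described in the PR.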
