> Synopsis: VirtualHosts don't work with suexec, why not simply...
>
> State-Changed-From-To: open-closed
> State-Changed-By: marc
> State-Changed-When: Sun Mar 8 16:15:23 PST 1998
> State-Changed-Why:
> No, we can not do that. It is not secure. suexec has to
> be secure even in the case that any user can execute it.
> It is possible to extend it to allow multiple hardcoded
> documentroots. Right now, VirtualHosts work fine if you
> put them all below a common directory.
>
> suexec is very limited and anal on purpose; it is very easy
> to open up a lot of security risks.
thanks for the instant reply, but i don't see why it is not secure, you
can't possibly alter the environment-variable in the short time apache
loads suexec, can you ? otherwise i think that's a security-bug in apache
not suexec. multiple hardcoded documentroots needs recompiles after every
addition... using the environmentvariables (that were made for these
tasks) would make this much more flexible, i think. (or communication as
an argument is another option, although the environment is already there,
why don't suexec use it ? ;ppp)
if i'm taking away your precious time, just tell me. but i think this is
important enough to clear this out, cause i'm convinced that cgi's ran by
users are a counterspell against ASP... (and ASP is far more worse than
CGI IMHO)
_ _ _
----------------- |_)(-)(_- -----------------
fn:dag wieers - http://www.sisa.be/dagmenu/
em:[EMAIL PROTECTED] uin:363535
---------------------------------------------
if the human brain were so simple that we
could understand it, we would be so simple
we couldn't.
---------------------------------------------
