Synopsis: Apache allows execution of setuid cgi's without suexec installed.
State-Changed-From-To: open-closed State-Changed-By: marc State-Changed-When: Tue Aug 18 13:25:26 PDT 1998 State-Changed-Why: Erm... yea, so? That is the way Unix has always worked. If a program is setuid then it executes by the user it is setuid to. That isn't a bug or a feature in Apache, but just the way things are on Unix. Note that this also allows others to excute it setuid to whatever user you setuid it to, which can lead to security issues if your CGI isn't secure.
