About a decade ago I do recall solving a similar problem by running apache as root and using some sort of setuid capability such that apache would become the user in question, and thus have all of their permissions. This approach was strongly discouraged since it opens up your system to anyone who can find a security hole in apache. Perhaps it could be made slightly safer if apache was run inside a chroot jail of some sort that included homedirs but not the rest of the system?
Documentation for mod_suid says "thus you have to compile and configure Apache2 with -DBIG_SECURITY_HOLE option". I chuckled. As an alternative to running all of apache as root, you could setuid-enable just those functions that need to be done by the user. Still dangerous though. - Alex _______________________________________________ bblisa mailing list [email protected] http://www.bblisa.org/mailman/listinfo/bblisa
