Disabling Suexec
If your Apache installation is currently suexec-enabled, it's very simple to
turn the wrapper off. Just do one or more of the following to the suexec
binary:
$which suexec)
* Clear the setuid bit
* Change the owner to be someone other than root
* Delete or rename it
Suexec
the Apache server creates a child process running the suexec binary and passes
the particulars to it.
suexec works by wrapping an operation up in a package executed under a
different username,
The wrapper verifies that all the security requirements are met,
http://www.linuxplanet.com/linuxplanet/tutorials/1445/2/
The suEXEC feature provides Apache users the ability to run CGI and SSI
programs under user IDs different from the user ID of the calling web server.
Normally, when a CGI or SSI program executes, it runs as the same user who is
running the web server.
Used properly, this feature can reduce considerably the security risks involved
with allowing users to develop and run private CGI or SSI programs. However, if
suEXEC is improperly configured, it can cause any number of problems and
possibly create new holes in your computer's security. If you aren't familiar
with managing setuid root programs and the security issues they present, we
highly recommend that you not consider using suEXEC.
B.Sadhiq
--- In [email protected], prashik pawar <pawarpras...@...> wrote:
>
> Hi Friends,
> I installed new RHEL 5. In dat whn I try to restart httpd
> service.....it gives d following ERROR.
>
>
> suEXEC mechanisum enabled (wrapper: /usr/sbin/suexec)
>
>
>
> I dnt want dis feature, hw will I disable "suEXEC".... & start d httpd
> service.
> Plz. help me frends.......thanx.
>
>
>
>
>
>
>
>
>
> Now, send attachments up to 25MB with Yahoo! India Mail. Learn how.
> http://in.overview.mail.yahoo.com/photos
>
> [Non-text portions of this message have been removed]
>
