I noticed that suexec doesn't abdicate the controlling terminal either, and I'd not be surprised to find out that non-suexec CGI invocation didn't do this either. The result is that I've just been able to escalate from local user --> root by writing a hostile CGI script - this is no longer just a case of having to find an exploit in apache itself.
Richard -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]