resending to the list. On Mon, Jan 3, 2011 at 15:13, Grzegorz Dwornicki <[email protected]> wrote: > Ok i agree but lets say that apache is running on www-data:www-data > and it see a php script. Soo suphp change user uid to user bo in the > end i have user:www-data? In that case the group perms still aply.
no php will be running as user:user's-primary-group > But to be back in maim topic why apache as root + suphp generates 500 > internat serwer error? Without checking the source I would say: "this is a security check that forces suphp to only change effective uid when called from the apache user (usually www-data, www or apache). This should be a compile time setting which can only be changed with a recompilation and uses the numeric uid to be sure uid spoofing cannot happen." Regards, The Honeymonster aka Daniel Llewellyn _______________________________________________ suPHP mailing list [email protected] https://lists.marsching.com/mailman/listinfo/suphp
