Hi,
My configuration has a single VirtualHost serving all of the websites.
I'm using suphp so that cgi scripts are executed as the owner of the
file. In my VirtualHost I do this:
AddHandler x-suphp-cgi .cgi .pl
I want to give people access to use mod_rewrite from .htaccess files,
but in order to do that I need to add "AllowOverride FileInfo" to a
<Directory>. However, if I do that, it also gives them access to use
SetHandler/AddHandler in .htaccess. If they can use those directives,
then they can override my suphp configuration and stick this in their
.htaccess file:
AddHandler cgi-script .cgi .pl
That then makes their scripts run as the apache user, which is what I'm
trying to avoid... Any ideas?
--
Mike Cardwell - IT Consultant and LAMP developer
Cardwell IT Ltd. (UK Reg'd Company #06920226) http://cardwellit.com/
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [email protected]
" from the digest: [email protected]
For additional commands, e-mail: [email protected]
