[Interchange-bugs] [Bug 126] Changed - CGI not installed as proper user in SUEXEC environment (makecat)

bugzilla-daemon@localhost.akopia.com bugzilla-daemon@localhost.akopia.com
Sat, 17 Feb 2001 11:58:15 -0500


http://developer.akopia.com/bugs/show_bug.cgi?id=126

*** shadow/126	Thu Feb 15 15:51:51 2001
--- shadow/126.tmp.20976	Sat Feb 17 11:58:15 2001
***************
*** 3,9 ****
  Version: 4.6.3
  Platform: PC
  OS/Version: Linux
! Status: NEW   
  Resolution: 
  Severity: normal
  Priority: P2
--- 3,9 ----
  Version: 4.6.3
  Platform: PC
  OS/Version: Linux
! Status: ASSIGNED   
  Resolution: 
  Severity: normal
  Priority: P2
***************
*** 26,28 ****
--- 26,43 ----
  
  Also, since interchange doesn't work in UNIX mode in an SUEXEC environment, why 
  even offer the UNIX mode if SUEXEC is on?
+ 
+ ------- Additional Comments From mike@minivend.com  2001-02-17 11:58 -------
+ These are valid points. This option is really intended for the virtual
+ server environment, where the user ID installing is usually NOT root, 
+ and there is only one UID to deal with. The major effect of the
+ option for that scenario is to turn off the SUID bit.
+ 
+ I had not anticipated a root installer answering this question
+ yes -- the proper thing to do (IMO) is to make it owned by the
+ catuser's UID/GID.
+ 
+ There is no reason we can't determine this from httpd.conf if
+ that is available. Failing that, we can make it owned by CATUSER
+ and issue a warning that the permissions should be checked.
+