[Interchange-bugs] [Bug 126] Changed - CGI not installed as proper user in SUEXEC environment (makecat)
Sat, 17 Feb 2001 11:58:15 -0500
*** shadow/126 Thu Feb 15 15:51:51 2001
--- shadow/126.tmp.20976 Sat Feb 17 11:58:15 2001
*** 3,9 ****
! Status: NEW
--- 3,9 ----
! Status: ASSIGNED
*** 26,28 ****
--- 26,43 ----
Also, since interchange doesn't work in UNIX mode in an SUEXEC environment, why
even offer the UNIX mode if SUEXEC is on?
+ ------- Additional Comments From email@example.com 2001-02-17 11:58 -------
+ These are valid points. This option is really intended for the virtual
+ server environment, where the user ID installing is usually NOT root,
+ and there is only one UID to deal with. The major effect of the
+ option for that scenario is to turn off the SUID bit.
+ I had not anticipated a root installer answering this question
+ yes -- the proper thing to do (IMO) is to make it owned by the
+ catuser's UID/GID.
+ There is no reason we can't determine this from httpd.conf if
+ that is available. Failing that, we can make it owned by CATUSER
+ and issue a warning that the permissions should be checked.