[ic] IC 5.6.0 only working with socketperms 666
Davor Ocelic
docelic at spinlocksolutions.com
Wed Sep 3 14:06:08 UTC 2008
On Wed, 3 Sep 2008 14:34:11 +0100
"IC" <ic at tvcables.co.uk> wrote:
> By default, IC socket file is owned by user who is running
> Interchange, and is chmod 600.
>
> All you have to do is make the cgi link program run as that user.
>
> So, if it's a vhost, you can define User and Group options in apache
> config, and then the link program will run as that user.
>
> If it's not, you can use Apache's suexec, and chown link program to
> Interchange, and set suid bit on it. But read more on suexec on apache
> documentation pages, because it has a whole set of rules before it
> will suid the program.
>
> Hi Doc,
>
> Can you elaborate a little more please as to which files I need to
> change,
Your web server's config is in /etc/apache/, /etc/apache2/
or /etc/httpd/, something like that.
In the section where your virtual host is defined (the place where
you defined ServerName, ServerAdmin, DocumentRoot etc.), you add
User and Group options.
You might define User or Group only (to change only one ID, not
both), and then in Interchange have SocketPerms 0600 (if you changed
user), or 0660 (if you changed group).
> also if I am the only one on the server is it safe to just
> run it 0666?
Yes, socket is Unix, so it's not possible to connect to it unless
someone has access to the server first.
-doc
More information about the interchange-users
mailing list