You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Brian Pane <bp...@pacbell.net> on 2002/05/27 00:17:43 UTC
Re: suexec, userdir, and mod_cgid Re: suexec related patches for PR
7810, 7791, 8291, 9038
On Sun, 2002-05-26 at 13:18, Brian Pane wrote:
> On Sat, 2002-05-25 at 20:17, Colm MacCárthaigh wrote:
> > patch 1 (mod_cgid.c) fixes 7810/9039/mod_cgid, it just works.
>
> Patch 1 didn't work when I tried it. The problem was that it depends
> on mod_userdir's get_suexec_id_doer() to create a proper suexec
> config based on the userdir. But mod_userdir's get_suexec_id_doer()
> function never is invoked, because mod_suexec's get_suexec_id_doer()
> is called first.
>
> I modified mod_userdir to insert its suexec identity function in
> front of mod_suexec's. The suexec+cgid+userdir combination now works
> properly in my test environment, but I'd like a second opinion before
> I commit.
Actually, as Colm pointed out in PR 9083, the precedence of
mod_userdir vs mod_suexec is a more general design issue,
independent of mod_cgid. With patch1 and without a mod_userdir
change, the combination of cgid+userdir+suexec works as long
as there's no global SuexecUserGroup directive. That brings
cgid up to par with cgi, so I'll commit the cgid patch.
--Brian