general/4435: suEXEC only works on CGIs/SSIs (not very useful for permission locking)

[Brendan Byrd <si...@resonatorsoft.com>]

>Number:         4435
>Category:       general
>Synopsis:       suEXEC only works on CGIs/SSIs (not very useful for permission locking)
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          change-request
>Submitter-Id:   apache
>Arrival-Date:   Mon May 17 20:50:01 PDT 1999
>Last-Modified:
>Originator:     sineswiper@resonatorsoft.com
>Organization:
apache
>Release:        1.3.6
>Environment:
Linux 2.2.7 i686
>Description:
I'm not sure if this is a config problem or something you don't have (the docs seem to indict the latter), but I'd like for suEXEC to work for EVERY file, not just CGI/SSIs.  Since I'm dealing with multiple web accounts on a server, I'd like to lock down the /home/username directory to 700, so that only the user and the web server can access that directory.  Unforunately, the "chmod 700" setting locks off the web server in its current state.  I've seen done on other systems (any of OLM.net's boxes, for example), but I don't know if it's a patch or what.
>How-To-Repeat:

>Fix:

>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, ]
[you need to include <ap...@Apache.Org> in the Cc line ]
[and leave the subject line UNCHANGED.  This is not done]
[automatically because of the potential for mail loops. ]
[If you do not include this Cc, your reply may be ig-   ]
[nored unless you are responding to an explicit request ]
[from a developer.                                      ]
[Reply only with text; DO NOT SEND ATTACHMENTS!         ]