You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Florian D�rsch <Fl...@gmx.de> on 2004/06/08 10:18:18 UTC

[users@httpd] Virtual Hosts unter 1.3.29 and PHP4.3.6

Hi,
i am using VirtualHosts:

domain.tld
a.domain.tld
b.domain.tld

Every VirtualHost is running under a spezific user:

domain.tld -> apache
a.domain.tld -> a
b.domain.tld -> b

Now I found following bug(?)/problem: If I create a directory/file on
b.domain.tld with a PHP-Script, it will be created with the "masteruser", I
mean the User "apache" and not with "a" or "b". I tried to fix that to set
the user in http_protocoll.c per request. The fix worked, but no cookies or
sessions worked anymore. So this won't be the master solution.

Does sb know a workaround for it?

Thanx!
FloSoft




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

[users@httpd] Re: Virtual Hosts unter 1.3.29 and PHP4.3.6

Posted by FloSoft <Fl...@gmx.de>.

Hmm Is there no change to get it working? (Perhaps creating an own module?)
I don't want to go through the whole source and change many things ...

(I tried to set the user for each request, but I got problems to switch it a
2nd time, MaxRequestsPerChild doesnt work properly?)




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Virtual Hosts unter 1.3.29 and PHP4.3.6

Posted by Joshua Slive <jo...@slive.ca>.

On Tue, 8 Jun 2004, Florian Dörsch wrote:
> Now I found following bug(?)/problem: If I create a directory/file on
> b.domain.tld with a PHP-Script, it will be created with the "masteruser", I
> mean the User "apache" and not with "a" or "b". I tried to fix that to set
> the user in http_protocoll.c per request. The fix worked, but no cookies or
> sessions worked anymore. So this won't be the master solution.

This is a well-known limitation of the unix security model implemented by 
apache.  The "User" specified in each vhost is used *only* for cgi script 
called by suexec.  It is not used for normal request processing by modules 
such as php.

Your alternatives are to use php-based restrictions such as "safe mode", 
or remove the php module and call php as a cgi script via suexec.
(Or, if you have a small number of users, you can have a separate apache 
serving each virtual host under a separate userid.)

Joshua.