You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Florian D�rsch <Fl...@gmx.de> on 2004/06/08 10:18:18 UTC
[users@httpd] Virtual Hosts unter 1.3.29 and PHP4.3.6
Hi,
i am using VirtualHosts:
domain.tld
a.domain.tld
b.domain.tld
Every VirtualHost is running under a spezific user:
domain.tld -> apache
a.domain.tld -> a
b.domain.tld -> b
Now I found following bug(?)/problem: If I create a directory/file on
b.domain.tld with a PHP-Script, it will be created with the "masteruser", I
mean the User "apache" and not with "a" or "b". I tried to fix that to set
the user in http_protocoll.c per request. The fix worked, but no cookies or
sessions worked anymore. So this won't be the master solution.
Does sb know a workaround for it?
Thanx!
FloSoft
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Re: Virtual Hosts unter 1.3.29 and PHP4.3.6
Posted by FloSoft <Fl...@gmx.de>.
Hmm Is there no change to get it working? (Perhaps creating an own module?)
I don't want to go through the whole source and change many things ...
(I tried to set the user for each request, but I got problems to switch it a
2nd time, MaxRequestsPerChild doesnt work properly?)
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Virtual Hosts unter 1.3.29 and PHP4.3.6
Posted by Joshua Slive <jo...@slive.ca>.
On Tue, 8 Jun 2004, Florian Dörsch wrote:
> Now I found following bug(?)/problem: If I create a directory/file on
> b.domain.tld with a PHP-Script, it will be created with the "masteruser", I
> mean the User "apache" and not with "a" or "b". I tried to fix that to set
> the user in http_protocoll.c per request. The fix worked, but no cookies or
> sessions worked anymore. So this won't be the master solution.
This is a well-known limitation of the unix security model implemented by
apache. The "User" specified in each vhost is used *only* for cgi script
called by suexec. It is not used for normal request processing by modules
such as php.
Your alternatives are to use php-based restrictions such as "safe mode",
or remove the php module and call php as a cgi script via suexec.
(Or, if you have a small number of users, you can have a separate apache
serving each virtual host under a separate userid.)
Joshua.