Lee E. Brotzman wrote: > In general, you don't have to have suEXEC to run setuid programs. If > you can set the permission bits on CGI scripts on your shared web > server, you can turn on the setuid bit for those few CGI scripts you > need to have setuid. I don't know about other Unices, but Linux deliberately doesn't support setuid scripts (a wise move, IMHO). Perl attempts to re-introduce the problem via the setuid "suidperl" binary, but many sysadmins will disable that (again, a wise move, IMHO). Finally, many virtual hosting providers solve both the problems associated with running all CGI scripts as "nobody" and the potential risks of suEXEC by simply not permitting users to upload CGI scripts at all. If you want to run your own CGI scripts, you have to rent a separate server. -- Glynn Clements <glynn.clementsat_private>
This archive was generated by hypermail 2b30 : Fri May 24 2002 - 13:44:22 PDT