We have a unique problem in that suexec is changing the real uid to the user who owns the script, but it is setting the effective uid to root!
We have swapped out all libraries that suexec uses and all libraries and modules that apache uses, as well as the suexec binary and apache binaries as well.
Nothing has any effect.
The system is Red Hat Linux 7.3, kernel 2.4.33.2, with Apache 1.2.3 (patched for security).
Here is what suexec is built with and it is exactly the same as on servers that work correctly.
-D DOC_ROOT="/home/httpd/"
-D GID_MIN=100
-D HTTPD_USER="www"
-D LOG_EXEC="/var/log/httpd/cgi.log"
-D SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
-D UID_MIN=100
-D USERDIR_SUFFIX="public_html"
Has anyone had any experience with this. Any ideas, suggestions?
We have swapped out all libraries that suexec uses and all libraries and modules that apache uses, as well as the suexec binary and apache binaries as well.
Nothing has any effect.
The system is Red Hat Linux 7.3, kernel 2.4.33.2, with Apache 1.2.3 (patched for security).
Here is what suexec is built with and it is exactly the same as on servers that work correctly.
-D DOC_ROOT="/home/httpd/"
-D GID_MIN=100
-D HTTPD_USER="www"
-D LOG_EXEC="/var/log/httpd/cgi.log"
-D SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
-D UID_MIN=100
-D USERDIR_SUFFIX="public_html"
Has anyone had any experience with this. Any ideas, suggestions?