Enable suEXEC2013/05/11 |
|
Normally executing user for CGI is Apache's user,
but it's possible to execute CGI with other users by using suEXEC.
|
|
| [1] | Enable suEXEC |
|
root@www:~#
root@www:~# aptitude -y install apache2-suexec-custom a2enmod suexec To activate the new configuration, you need to run: service apache2 restart |
| [2] | For example, configure to enable suEXEC under a directory "wheezy". |
|
root@www:~#
vi /etc/apache2/suexec/www-data # add at the head: write directories you'd like to enable suEXEC /home/wheezy/public_html /var/www public_html/cgi-bin
root@www:~#
vi /etc/apache2/sites-enabled/virtual.host
<VirtualHost *:80>
root@www:~# ServerName www.virtual.host ServerAdmin webmaster@virtual.host DocumentRoot /home/wheezy/public_html ErrorLog /var/log/apache2/virtual.host.error.log CustomLog /var/log/apache2/virtual.host.access.log combined LogLevel warn # add: let wheezy a executing user SuexecUserGroup wheezy wheezy </VirtualHost> /etc/init.d/apache2 restart Restarting web server: apache2 ... waiting . |
| [3] | Make sure a test page is shown normally with changing parmission to 700. |
|
wheezy@www:~$ cd public_html
wheezy@www:~/public_html$
vi suexec.cgi #!/usr/bin/perl print "Content-type: text/html\n\n"; print "<html>\n<body>\n"; print "<div style=\"width: 100%; font-size: 40px; font-weight: bold; text-align: center;\">\n"; print "suEXEC Test Page"; print "\n</div>\n"; print "</body>\n</html>\n"; chmod 700 suexec.cgi |
|
Matched Content