|The Apache HTTP Server Reference Manual
by Apache Software Foundation
Paperback (6"x9"), 862 pages
RRP £19.95 ($29.95)
The suEXEC feature provides Apache users the ability to run CGI and SSI programs under user IDs different from the user ID of the calling web server. Normally, when a CGI or SSI program executes, it runs as the same user who is running the web server.
Used properly, this feature can reduce considerably the security risks involved with allowing users to develop and run private CGI or SSI programs. However, if suEXEC is improperly configured, it can cause any number of problems and possibly create new holes in your computer’s security. If you aren’t familiar with managing setuid root programs and the security issues they present, we highly recommend that you not consider using suEXEC.
22.2 suEXEC Security Model
22.3 Configuring & Installing suEXEC
22.3.1 Compiling and installing the suEXEC wrapper
22.3.2 Setting paranoid permissions
22.4 Enabling & Disabling suEXEC
22.5 Using suEXEC
22.6 Debugging suEXEC
22.7 Beware the Jabberwock: Warnings & Examples
|ISBN 9781906966034||The Apache HTTP Server Reference Manual||See the print edition|