I have a question to which I am trying to find an answer. If suexec is enabled in apache, a user can run his scripts under his own ID. It is fine. My questions are
1. In the first place for what purposes a user want to run CGI under his own ID.
2. Whatever is the purpose , why can't we change the permissions for the user accordingly in his virtual host entry in httpd conf file
3. Also I read that there are dangers in enabling suexec. What are the dangers. Some where it is written that when other users can execute his CGI scripts . it poses a danger to the server. How is this caused. Please explain me with a scenario.
I have read many articles , but I could not understand why the users want to run CGI scripts under their own ID. Why can't they be run under server's ID as nobody .
Thank You very much.
Webinar: 8 Signs You’re Beyond Cron
11am CDT, April 29th
Join Linux Journal and Pat Cameron, Director of Automation Technology at HelpSystems, as they discuss the eight primary advantages of moving beyond cron job scheduling. In this webinar, you’ll learn about integrating cron with an enterprise scheduler.Join us!
- Picking Out the Nouns
- Tips for Optimizing Linux Memory Usage
- "No Reboot" Kernel Patching - And Why You Should Care
- DevOps: Better Than the Sum of Its Parts
- Return of the Mac
- Android Candy: Intercoms
- Drupageddon: SQL Injection, Database Abstraction and Hundreds of Thousands of Web Sites
- Non-Linux FOSS: .NET?
- Consent That Goes Both Ways