Received: (qmail 23741 invoked by uid 2012); 2 Mar 1998 01:58:01 -0000 Message-Id: <19980302015801.23740.qmail@hyperreal.org> Date: 2 Mar 1998 01:58:01 -0000 From: Jason Riedy Reply-To: ejr@cise.ufl.edu To: apbugs@hyperreal.org Subject: SUEXEC_BIN is set to /usr/local/apache... regardless of HTTPD_ROOT X-Send-Pr-Version: 3.2 >Number: 1894 >Category: suexec >Synopsis: SUEXEC_BIN is set to /usr/local/apache... regardless of HTTPD_ROOT >Confidential: no >Severity: non-critical >Priority: medium >Responsible: apache >State: closed >Class: change-request >Submitter-Id: apache >Arrival-Date: Sun Mar 1 18:00:00 PST 1998 >Last-Modified: Wed Mar 11 11:12:49 PST 1998 >Originator: ejr@cise.ufl.edu >Organization: >Release: 1.3b5 >Environment: doesn't matter >Description: SUEXEC_BIN is set to a file in /usr/local/apache regardless of the configured setting of HTTPD_ROOT. If someone has ExecCGI turned on under UserDirs, upgrades with HTTPD_ROOT = something else, and runs it, the CGI scripts will be run as the server. Naturally, you should check things like this before you upgrade, but some folks won't. >How-To-Repeat: >Fix: --- httpd.h 1998/02/28 20:26:44 1.1.1.1 +++ httpd.h 1998/03/02 01:52:25 @@ -233,7 +233,7 @@ /* The path to the suExec wrapper, can be overridden in Configuration */ #ifndef SUEXEC_BIN -#define SUEXEC_BIN "/usr/local/apache/sbin/suexec" +#define SUEXEC_BIN HTTPD_ROOT "/sbin/suexec" #endif /* The default string lengths */ %0 >Audit-Trail: State-Changed-From-To: open-closed State-Changed-By: marc State-Changed-When: Wed Mar 11 11:12:48 PST 1998 State-Changed-Why: That makes sense; not just for the suexec define, but also for DOCUMENT_LOCATION. Done, thanks. >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ]