Slavik
Jun 2 2005, 04:30 AM
Dear Customers,
we are planning to recompile php with su_exec on our servers during this month.
Best regards,
Slavik Koshelev
bpgisme
Jun 2 2005, 05:21 AM
I have no idea what that is, but, okay.
-Bonnie
Niels
Jun 2 2005, 12:46 PM
I believe this is a security wrapper for shared cgi.
QUOTE
The suEXEC feature -- introduced in Apache 1.2 -- provides Apache users the ability to run CGI and SSI programs under user IDs different from the user ID of the calling web-server. Normally, when a CGI or SSI program executes, it runs as the same user who is running the web server.
Used properly, this feature can reduce considerably the security risks involved with allowing users to develop and run private CGI or SSI programs
from:
apache.orgAre you planning to recompile php on vps also?
-
niels
[edit]added description from apache[/edit]
Dark Hedgehog
Jun 4 2005, 11:20 AM
I had an error here:
http://www.sonicdash.net/home/index.phpAny-ways on fixing this?
I am lost and haven't been into coding for months..
Beyonda
Jun 6 2005, 01:11 AM
would this cause file permissions to go wacky? I sent a ticket in about this - but the index.php of one of my addons keeps changing it's CHMOD settings, causing the page to be unreadable in browsers.
It keeps goign back to 666, and hostony tells me that his is impossible. Funny - as I havew to chnage it back many times a day.
pAtrick
Jun 6 2005, 09:34 AM
This is causing problems I think.
Using suexec, one cannot specify special php settings by using php_value or php_flag or something like that. You will have to use a seperate php.ini in your home directory. This is fine for me but for users who don't understand this, no good at all. Also we will lose the ability to set seperate settings for different dirctories.
On the other hand, because of this, php will run under CGI mode rather than an apache module. What about the performance?
MartinB
Jun 6 2005, 12:11 PM
QUOTE(pAtrick @ Jun 6 2005, 06:34 AM)
This is causing problems I think.
Using suexec, one cannot specify special php settings by using php_value or php_flag or something like that. You will have to use a seperate php.ini in your home directory. This is fine for me but for users who don't understand this, no good at all. Also we will lose the ability to set seperate settings for different dirctories.
On the other hand, because of this, php will run under CGI mode rather than an apache module. What about the performance?
so, now all my .htaccess for php values are unusable ?
bpgisme
Jun 6 2005, 04:29 PM
Have you done this PHP update thing on Server 23 yet?
And, er... should I be worried? I've got seven Nucleus weblogs on there and a PHP based guestbook and a little bit of PHP code on my splash page (image rotator).
-Bonnie
pAtrick
Jun 6 2005, 08:39 PM
QUOTE(mblendinger @ Jun 7 2005, 12:11 AM)
so, now all my .htaccess for php values are unusable ?
Yes. Not only unusable, but you will also get 500 errors. I submitted a ticket saying that my gallery installation is not working because gallery have a .htaccess file changing some settings. And they just simply renamed(thus disabled) .htaccess file. How stupid is that?
It is OK for users like me to deal with those myself, but how about others? I think the support will be flooded. And DISABLEING .HTACCESS IS NOT A SOLUTION.
Anyway, I found a brief article about phpsuexec on google from another hosting provider:
http://www.digitalpulsehosting.com/support...view/article/9/This could be helpful.
MartinB
Jun 6 2005, 10:45 PM
ok, i think is time to send a massive email to all my customers for the .htaccess issue.
(also, Today is the "My site is not working" day, for me. (and for support i think, hehe))
Beyonda
Jun 6 2005, 10:57 PM
yeah - this has been quite a few days. Funny how they dont seem to think that what they have been working on has effected so many of us.
Are they even checking this board???
pAtrick
Jun 7 2005, 12:02 AM
Actually running a fairly simple perl script might help. I am a PHP guy so I can't write one. But here is the idea:
1. Look into every single directory to see if .htaccess exists.
2. Parse .htaccess to see if php_value and/or php_flag is used and not already commented out.
3. If so record these entries.
4. Comment them out.
5. Create a php.ini file in the same directory with recorded settings.
6. chmod the php.ini file to the user's UID/GID (IDs can be fetched from .htaccess file).
The best way would be running it in /home as root.
dingfelder
Jun 7 2005, 01:52 AM
I think this is urgently needed
pAtrick
Jun 7 2005, 03:16 AM
Hey dingfelder, greetings from Wellington.
MartinB
Jun 7 2005, 02:48 PM
EDITED:
I have get a personalized technical support assistance of
exelence today, all is working pretty well now.
thank you very much to Ostap and Alex.
Alexandre
Jun 7 2005, 06:07 PM
Hi Martin,
Thank you
You are welcome.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please
click here.