of course that's possible... it's not default, but it's very possible
i think it's an apache module called suEXEC
that will run the script with the script owner's name.group,
not apache.apache
> -----Original Message-----
> From: [EMAIL PROTECTED]
> Subject: [PHP] PHP/Apache security question
>
> Is there anything anyone can do about this? of course it would be ideal if
> php would inherit uid/gid from the script file instead of the server
> ownership but I think there is no way to accomplish this, so this is why
> I am clueless.
>
> Oh, one more thingie: I have this CGI script here:
>
> #!/usr/bin/php
> <html><head>.....
> etc etc
> ----------------
>
> I try to access it and the "security warning!" page appears. The
> documentation sais that it's ok to use such CGI scripts, and warns the
> user about the security threat of using the php binary as a CGI. Obviously
> I am not using the php binary as a CGI, rather I am creating a CGI script
> that's interpreted using the php binary, so what seems to be the problem
> here?
>
> Thx a lot,
> georgeb
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
