Quoting zentara
On Tue, 1 Jul 2003 04:30:47 -0500 etbonick@networkinggeeks.com wrote:
I recently tried to install ipaudit-web on my suse 8.2 box. I ran into a problem with apache and apache2. IPAudit has cgi scripts that is runs form its public_html directory. It is created as a regular user. The susexec package to my knowledge is supposed to execute the users cgi scripts as the owner of the bin. IN apache and apache2 they are all run as wwwrun. Is this a vulerability? Is there any way to fix this?
A vulnerability? Probably not, since you are running as wwwrun, which is a lower user than a normal user.
Have you determined why suexec isn't working? Is it installed? What is the name of the user whose public_html's cgi-bin it is installed in? It sounds like, (from your wording above) that IPAudit is a user on the system? Are you running it from /home/IPAudit/public_html/cgi-bin ?
What does the suexec log say?
I figured it out I had tried both apache and apache2. Apache2 was still running after uninstalling it and installing apache. After rebooting it works with apache but I dont know if it works with apache2.