View Single Post
  #3  
Old 1st August 2012, 23:51
centurianii centurianii is offline
Junior Member
 
Join Date: Mar 2009
Posts: 13
Thanks: 1
Thanked 0 Times in 0 Posts
Default Apache mass virtual hosting and suExec

Thank you Falco for your fast answer!

I'm aware of this link from Apache documentation but I have some questions there: Apache suggests the use of httpd.conf file whereas you suggest to write files at /var/www/ directory. Which approach is better?

Apache suggest to use mod_vhost_alias or mod_rewrite. Is some method better than the other? I think the first one is simpler.

There is another think I'm wondering about after reading this article some time ago: http://jp-larocque.livejournal.com/49475.html

The writer implies that some php can run under suExec with user writes and some other "non-userdir FastCGI scripts" to NOT use suEXEC. For that reason he gives a hack, a FastCGI wrapper hack script at /usr/local/sbin/fastcgi-suexec-hack:
Code:
#!/bin/sh
# This hack exists exclusively to work around the restriction that
# FastCGI wrappers (e.g. suEXEC) are an all-or-nothing ordeal.  Thou
# shalt not enable wrappers for userdirs but not for the whole site.
# Thou shalt not configure non-userdir FastCGI scripts to use suEXEC
# or thou shall suffer my wrath of mysterious suexec policy violation
# notices for 7 generations.
a php library 
username="$1"
group="$2"
application="$3"

case "$(pwd)/" in
/home/*/public_html/*)
	exec /usr/lib/apache2/suexec "$username" "$group" "$application";;
*)
	application_abs="$(readlink -f "$application")"
	exec "$application_abs";;
esac
(my first language is not English and I need Oxford dictionary to understand "thou shall"!!)

My question is this: can I mix user php code with user permissions with a php library that has boarder permissions and runs as a www-data or even a user from the sudoers group??
(some require_once headers should import the php library but what is required is the user NOT to be able to hack that library)

Thanks again!
Reply With Quote