Results 1 to 8 of 8
  1. #1

    Should I disable SuExec?

    I currently enable suExec on my server.
    One of my client script have problem with suExec .

    So, should I disable suExec? Can I disable suExec on single account? any solutions?

    Thanks for your help.

  2. #2
    Join Date
    Oct 2003
    Location
    Hanoi
    Posts
    4,306
    before posting, you should use search feature

    this may help http://www.webhostingtalk.com/showth...hreadid=102276

  3. #3
    Join Date
    Apr 2001
    Posts
    2,588
    What kind of problems is your client having? I would NOT disable SuExec at all.

  4. #4
    Join Date
    Jul 2002
    Posts
    1,441
    You can have 1 server with suexec and get a reseller account somewhere that has it off. suexec is more secure than without it.
    Synergy Blue LLC
    SonataWeb.net | SynergyBlue.com
    USA should so something about: http://www.brillig.com/debt_clock/

  5. #5
    Join Date
    Nov 2002
    Location
    Bay Area, California
    Posts
    309
    Lots of our customer's scripts have trouble with suexec

    The trouble is that the stupid script author tells them to use permissions that suexec finds insecure, so it refuses to run the script.

    As soon as we tell them the correct permissions to use most all these scripts start to work.

    Doh!
    Sunwave Communications
    http://www.sunwave.com/
    Safety - Service - Economy

  6. #6
    Join Date
    Feb 2002
    Location
    Vestal, NY
    Posts
    1,378
    suexec is far more common for Perl/CGI these days than no suexec. Are you talking about CGI suexec or PHP suexec?
    H4Y Technologies LLC Check out our new website!
    "Smarter, Cheaper, Faster" - SMB, Reseller, VDS, Dedicated, Colo hosting done right.

    ZERO PACKETLOSS, ZERO DOWNTIME Dedicated and Colo - USA: IA, CA, NC, OR, NV
    **http://h4y.us**
    Voice: (866)435-5642. *** Email: askus at host4yourself d0t com

  7. #7
    Join Date
    Apr 2002
    Location
    Philly Pa
    Posts
    130
    Originally posted by Luxore
    Lots of our customer's scripts have trouble with suexec

    The trouble is that the stupid script author tells them to use permissions that suexec finds insecure, so it refuses to run the script.

    As soon as we tell them the correct permissions to use most all these scripts start to work.

    Doh!

    And there are reasons for that. If one of your customers uses setuid and write poor code, all it takes it the wrong user to run that and someone "could" do bad things. Such as, if your web process runs it and someone hijacks it many things could be done. You best bit is, leave suexec on and have your customers use better code

  8. #8
    Join Date
    Apr 2002
    Posts
    930
    You can disable SuExec for a single account by removing or commenting out the:

    User
    Group

    lines in your httpd.conf for that specific VirtualHost. Then restart Apache and SuExec will be disabled for that domain.

    However, I am with agreement with others, you should leave SuExec enabled.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •