I had to make this change, as the box is authenticating against our ldap
environment, and there are a few users that have uid's less than 500. So,
for things such as ssh interactive logins, all is okay. I'm now running
into a problem in which httpd is not letting seemingly the same group of
users execute cgi's from their home directories. I've modified cat
/etc/httpd/conf/httpd.conf to allow for the execution of cgi's from users
home directories. For users with a uid greater than 500, cgi's execute as
expected. For users with a uid less than 500, the cgi doesn't execute and
the following is logged in /var/log/httpd/suexec.log:
cannot run as forbidden uid (402/hello.cgi)
Any ideas how I can modify the behavior to allow uid's < 500 to run cgi's?
If not, how do I disable suexec from loading? I would rather not re-compile
this, as I prefer to use yum to keep the box patched and from what I've
read, suexec does add some extended security to httpd. Thanks.
redhat-list mailing list