The requested script must be a valid Web-space reference relative to the
user’s directory or the DocumentRoot; it cannot be an absolute filesystem path
(i.e., it cannot start with a “
/“) and cannot
include any up-level references (i.e., no “
cannot be ‘
root‘, and must be above the minimum UID and GID values
(set with the
options to the
configurescript, which both default to 100). In
addition, the group must be a valid name, and not just a numeric GID.
exist and the wrapper must be able to
chdir()to the directory.
~usernamerequest, the script
directory must be under the directory specified by
(defined by the
allow write access to either the
which it is to be executed.
suexecmust be able to allocate memory in which to reproduce
the environment variable list.
As you can see, the requirements for execution are pretty stringent. The
sheer number of things that can go wrong argues for the use of the wrapper only
when it’s really necessary.
suexec wrapper isn’t turned on or off by any particular
Apache directive setting. Instead, when the Apache server is compiled, one of
the constants set (
SUEXEC_BIN) is a string pointing to the
location of the
suexec binary. When the server starts, it looks
for the binary at that location; if it’s found,
enabled–not otherwise. This is very important.
This means that even a normal Apache build that was performed without any
thought given to using the wrapper can suddenly become
suexec-enabled if a properly protected
is put into place between server restarts. In the master sources, the default
SUEXEC_BIN is set to
/sbin/suexec“; the default value of
HTTPD_ROOT is platform-specific:
|Platform||Default value of
You may change the values of either–or both–of the
SUEXEC_BIN constants when you
recompile the Apache server.