00001 /* Licensed to the Apache Software Foundation (ASF) under one or more 00002 * contributor license agreements. See the NOTICE file distributed with 00003 * this work for additional information regarding copyright ownership. 00004 * The ASF licenses this file to You under the Apache License, Version 2.0 00005 * (the "License"); you may not use this file except in compliance with 00006 * the License. You may obtain a copy of the License at 00007 * 00008 * http://www.apache.org/licenses/LICENSE-2.0 00009 * 00010 * Unless required by applicable law or agreed to in writing, software 00011 * distributed under the License is distributed on an "AS IS" BASIS, 00012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00013 * See the License for the specific language governing permissions and 00014 * limitations under the License. 00015 */ 00016 00024 #ifndef _SUEXEC_H 00025 #define _SUEXEC_H 00026 00027 /* 00028 * Include ap_config_layout so we can work out where the default htdocsdir 00029 * and logsdir are. 00030 */ 00031 #include "ap_config_layout.h" 00032 00033 /* 00034 * HTTPD_USER -- Define as the username under which Apache normally 00035 * runs. This is the only user allowed to execute 00036 * this program. 00037 */ 00038 #ifndef AP_HTTPD_USER 00039 #define AP_HTTPD_USER "www" 00040 #endif 00041 00042 /* 00043 * UID_MIN -- Define this as the lowest UID allowed to be a target user 00044 * for suEXEC. For most systems, 500 or 100 is common. 00045 */ 00046 #ifndef AP_UID_MIN 00047 #define AP_UID_MIN 100 00048 #endif 00049 00050 /* 00051 * GID_MIN -- Define this as the lowest GID allowed to be a target group 00052 * for suEXEC. For most systems, 100 is common. 00053 */ 00054 #ifndef AP_GID_MIN 00055 #define AP_GID_MIN 100 00056 #endif 00057 00058 /* 00059 * USERDIR_SUFFIX -- Define to be the subdirectory under users' 00060 * home directories where suEXEC access should 00061 * be allowed. All executables under this directory 00062 * will be executable by suEXEC as the user so 00063 * they should be "safe" programs. If you are 00064 * using a "simple" UserDir directive (ie. one 00065 * without a "*" in it) this should be set to 00066 * the same value. suEXEC will not work properly 00067 * in cases where the UserDir directive points to 00068 * a location that is not the same as the user's 00069 * home directory as referenced in the passwd file. 00070 * 00071 * If you have VirtualHosts with a different 00072 * UserDir for each, you will need to define them to 00073 * all reside in one parent directory; then name that 00074 * parent directory here. IF THIS IS NOT DEFINED 00075 * PROPERLY, ~USERDIR CGI REQUESTS WILL NOT WORK! 00076 * See the suEXEC documentation for more detailed 00077 * information. 00078 */ 00079 #ifndef AP_USERDIR_SUFFIX 00080 #define AP_USERDIR_SUFFIX "public_html" 00081 #endif 00082 00083 /* 00084 * LOG_EXEC -- Define this as a filename if you want all suEXEC 00085 * transactions and errors logged for auditing and 00086 * debugging purposes. 00087 */ 00088 #ifndef AP_LOG_EXEC 00089 #define AP_LOG_EXEC DEFAULT_EXP_LOGFILEDIR "/suexec_log" /* Need me? */ 00090 #endif 00091 00092 /* 00093 * DOC_ROOT -- Define as the DocumentRoot set for Apache. This 00094 * will be the only hierarchy (aside from UserDirs) 00095 * that can be used for suEXEC behavior. 00096 */ 00097 #ifndef AP_DOC_ROOT 00098 #define AP_DOC_ROOT DEFAULT_EXP_HTDOCSDIR 00099 #endif 00100 00101 /* 00102 * SAFE_PATH -- Define a safe PATH environment to pass to CGI executables. 00103 * 00104 */ 00105 #ifndef AP_SAFE_PATH 00106 #define AP_SAFE_PATH "/usr/local/bin:/usr/bin:/bin" 00107 #endif 00108 00109 #endif /* _SUEXEC_H */