Google Git
Sign in
apache / httpd / 84fd685bce40c7fbadeccc73de9d0cb6a9a67111 / . / docs / manual / suexec.html.ja.euc-jp
blob: 271244a03e7b29345ff2387353a546694289a827 [file] [log] [blame]
<?xml version="1.0" encoding="EUC-JP"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="ja" xml:lang="ja"><head><!--
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
This file is generated from xml source: DO NOT EDIT
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-->
<title>suEXEC ¥µ¥Ý¡¼¥È - Apache HTTP ¥µ¡¼¥Ð</title>
<link href="./style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
<link href="./style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
<link href="./style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" />
<link href="./images/favicon.ico" rel="shortcut icon" /></head>
<body id="manual-page"><div id="page-header">
<p class="menu"><a href="./mod/">¥â¥¸¥å¡¼¥ë</a> | <a href="./mod/directives.html">¥Ç¥£¥ì¥¯¥Æ¥£¥Ö</a> | <a href="./faq/">FAQ</a> | <a href="./glossary.html">ÍѸì</a> | <a href="./sitemap.html">¥µ¥¤¥È¥Þ¥Ã¥×</a></p>
<p class="apache">Apache HTTP ¥µ¡¼¥Ð ¥Ð¡¼¥¸¥ç¥ó 2.1</p>
<img alt="" src="./images/feather.gif" /></div>
<div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="./images/left.gif" /></a></div>
<div id="path">
<a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP ¥µ¡¼¥Ð</a> &gt; <a href="http://httpd.apache.org/docs-project/">¥É¥­¥å¥á¥ó¥Æ¡¼¥·¥ç¥ó</a> &gt; <a href="./">¥Ð¡¼¥¸¥ç¥ó 2.1</a></div><div id="page-content"><div id="preamble"><h1>suEXEC ¥µ¥Ý¡¼¥È</h1>
<div class="toplang">
<p><span>Available Languages: </span><a href="./en/suexec.html" hreflang="en" rel="alternate" title="English">&nbsp;en&nbsp;</a> |
<a href="./ja/suexec.html" title="Japanese">&nbsp;ja&nbsp;</a> |
<a href="./ko/suexec.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a></p>
</div>
<p><strong>suEXEC</strong>
µ¡Ç½¤Ë¤è¤ê¡¢Apache ¥æ¡¼¥¶¤Ï Web ¥µ¡¼¥Ð¤ò¼Â¹Ô¤·¤Æ¤¤¤ë¥æ¡¼¥¶ ID ¤È¤Ï
°Û¤Ê¤ë¥æ¡¼¥¶ ID ¤Ç <strong>CGI</strong> ¥×¥í¥°¥é¥à¤ä <strong>SSI</strong>
¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤³¤È¤¬¤Ç¤­¤Þ¤¹¡£CGI ¥×¥í¥°¥é¥à¤Þ¤¿¤Ï SSI
¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¾ì¹ç¡¢Ä̾ï¤Ï web ¥µ¡¼¥Ð¤ÈƱ¤¸¥æ¡¼¥¶¤Ç¼Â¹Ô¤µ¤ì¤Þ¤¹¡£
</p>
<p>ŬÀڤ˻ÈÍѤ¹¤ë¤È¡¢¤³¤Îµ¡Ç½¤Ë¤è¤ê¥æ¡¼¥¶¤¬¸ÄÊ̤ΠCGI
¤ä SSI ¥×¥í¥°¥é¥à¤ò³«È¯¤·¼Â¹Ô¤¹¤ë¤³¤È¤ÇÀ¸¤¸¤ë¥»¥­¥å¥ê¥Æ¥£¾å¤Î´í¸±¤ò¡¢
¤«¤Ê¤ê¸º¤é¤¹¤³¤È¤¬¤Ç¤­¤Þ¤¹¡£¤·¤«¤·¡¢suEXEC ¤ÎÀßÄ꤬ÉÔŬÀÚ¤À¤È¡¢
¿¤¯¤ÎÌäÂ꤬À¸¤¸¡¢¤¢¤Ê¤¿¤Î¥³¥ó¥Ô¥å¡¼¥¿¤Ë¿·¤·¤¤¥»¥­¥å¥ê¥Æ¥£¥Û¡¼¥ë¤ò
ºî¤Ã¤Æ¤·¤Þ¤¦²ÄǽÀ­¤¬¤¢¤ê¤Þ¤¹¡£¤¢¤Ê¤¿¤¬ <em>setuid root</em>
¤µ¤ì¤¿¥×¥í¥°¥é¥à¤È¡¢¤½¤ì¤é¤«¤éÀ¸¤¸¤ë¥»¥­¥å¥ê¥Æ¥£¾å¤ÎÌäÂê¤Î´ÉÍý¤Ë
¾Ü¤·¤¯¤Ê¤¤¤è¤¦¤Ê¤é¡¢suEXEC ¤Î»ÈÍѤò¸¡Æ¤¤·¤Ê¤¤¤è¤¦¤Ë¶¯¤¯¿ä¾©¤·¤Þ¤¹¡£
</p>
</div>
<div id="quickview"><ul id="toc"><li><img alt="" src="./images/down.gif" /> <a href="#before">»Ï¤á¤ëÁ°¤Ë</a></li>
<li><img alt="" src="./images/down.gif" /> <a href="#model">suEXEC ¥»¥­¥å¥ê¥Æ¥£¥â¥Ç¥ë</a></li>
<li><img alt="" src="./images/down.gif" /> <a href="#install">suEXEC
¤ÎÀßÄê¤È¥¤¥ó¥¹¥È¡¼¥ë</a></li>
<li><img alt="" src="./images/down.gif" /> <a href="#enable">suEXEC
¤ÎÍ­¸ú²½¤È̵¸ú²½</a></li>
<li><img alt="" src="./images/down.gif" /> <a href="#usage">suEXEC ¤Î»ÈÍÑ</a></li>
<li><img alt="" src="./images/down.gif" /> <a href="#debug">suEXEC ¤Î¥Ç¥Ð¥Ã¥°</a></li>
<li><img alt="" src="./images/down.gif" /> <a href="#jabberwock">¤È¤«¤²¤ËÃí°Õ: ·Ù¹ð¤È»öÎã</a></li>
</ul></div>
<div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
<h2><a name="before" id="before">»Ï¤á¤ëÁ°¤Ë</a></h2>
<p>¤³¤Îʸ½ñ¤ÎÀèƬ¤ËÈô¤ÖÁ°¤Ë¡¢Apache
¥°¥ë¡¼¥×¤È¤³¤Îʸ½ñ¤Ç¤Î²¾Äê¤òÃΤäƤª¤¯¤Ù¤­¤Ç¤·¤ç¤¦¡£
</p>
<p>Âè 1 ¤Ë¡¢¤¢¤Ê¤¿¤¬ <strong>setuid</strong> ¤È
<strong>setgid</strong> Áàºî¤¬²Äǽ¤Ê UNIX
ͳÍè¤Î¥ª¥Ú¥ì¡¼¥Æ¥£¥ó¥°¥·¥¹¥Æ¥à¤ò»È¤Ã¤Æ¤¤¤ë¤³¤È¤òÁÛÄꤷ¤Æ¤¤¤Þ¤¹¡£
¤³¤ì¤Ï¡¢¤¹¤Ù¤Æ¤Î¥³¥Þ¥ó¥ÉÎã¤Ë¤¢¤Æ¤Ï¤Þ¤ê¤Þ¤¹¡£
¤½¤Î¾¤Î¥×¥é¥Ã¥È¥Û¡¼¥à¤Ç¤Ï¡¢¤â¤· suEXEC
¤¬¥µ¥Ý¡¼¥È¤µ¤ì¤Æ¤¤¤¿¤È¤·¤Æ¤âÀßÄê¤Ï°Û¤Ê¤ë¤«¤â¤·¤ì¤Þ¤»¤ó¡£</p>
<p>Âè 2 ¤Ë¡¢¤¢¤Ê¤¿¤¬»ÈÍÑÃæ¤Î¥³¥ó¥Ô¥å¡¼¥¿¤Î
¥»¥­¥å¥ê¥Æ¥£¤Ë´Ø¤¹¤ë´ðËÜŪ¤Ê³µÇ°¤È¡¢¤½¤ì¤é¤Î´ÉÍý¤Ë¤Ä¤¤¤Æ¾Ü¤·¤¤¤³¤È¤ò
ÁÛÄꤷ¤Æ¤¤¤Þ¤¹¡£¤³¤ì¤Ï¡¢<strong>setuid/setgid</strong>
Áàºî¡¢¤¢¤Ê¤¿¤Î¥·¥¹¥Æ¥à¾å¤Ç¤Î¤½¤ÎÁàºî¤Ë¤è¤ëÍÍ¡¹¤Ê¸ú²Ì¡¢
¥»¥­¥å¥ê¥Æ¥£¥ì¥Ù¥ë¤Ë¤Ä¤¤¤Æ¤¢¤Ê¤¿¤¬Íý²ò¤·¤Æ¤¤¤ë¤È¤¤¤¦¤³¤È¤ò´Þ¤ß¤Þ¤¹¡£
</p>
<p>Âè 3 ¤Ë¡¢<strong>²þ¤¤µ¤ì¤Æ¤¤¤Ê¤¤</strong> suEXEC
¥³¡¼¥É¤Î»ÈÍѤòÁÛÄꤷ¤Æ¤¤¤Þ¤¹¡£suEXEC ¤Î¥³¡¼¥É¤Ï¡¢
¿¤¯¤Î¥Ù¡¼¥¿¥Æ¥¹¥¿¤À¤±¤Ç¤Ê¤¯¡¢³«È¯¼Ô¤Ë¤è¤Ã¤Æ¤âÃí°Õ¿¼¤¯Àººº¤µ¤ì
¥Æ¥¹¥È¤µ¤ì¤Æ¤¤¤Þ¤¹¡£¤½¤ì¤é¤ÎÃí°Õ¤Ë¤è¤ê¡¢´Ê·é¤Ç¿®Íê¤Ç¤­¤ë°ÂÁ´¤Ê
¥³¡¼¥É¤Î´ðÈפ¬Êݾڤµ¤ì¤Þ¤¹¡£¤³¤Î¥³¡¼¥É¤ò²þÊѤ¹¤ë¤³¤È¤Ç¡¢
ͽ´ü¤µ¤ì¤Ê¤¤ÌäÂê¤ä¿·¤·¤¤¥»¥­¥å¥ê¥Æ¥£¾å¤Î´í¸±¤¬À¸¤¸¤ë¤³¤È¤¬¤¢¤ê¤Þ¤¹¡£
¥»¥­¥å¥ê¥Æ¥£¥×¥í¥°¥é¥ß¥ó¥°¤Î¾ÜºÙ¤ËÄ̤¸¤Æ¤¤¤Æ¡¢
º£¸å¤Î¸¡Æ¤¤Î¤¿¤á¤ËÀ®²Ì¤ò Apache
¥°¥ë¡¼¥×¤È¶¦Í­¤·¤è¤¦¤È»×¤¦¤Î¤Ç¤Ê¤±¤ì¤Ð¡¢suEXEC
¥³¡¼¥É¤ÏÊѤ¨¤Ê¤¤¤³¤È¤ò <strong>¶¯¤¯</strong>¿ä¾©¤·¤Þ¤¹¡£</p>
<p>Âè 4 ¤Ë¡¢¤³¤ì¤¬ºÇ¸å¤Ç¤¹¤¬¡¢suEXEC ¤ò Apache
¤Î¥Ç¥Õ¥©¥ë¥È¥¤¥ó¥¹¥È¡¼¥ë¤Ë¤Ï<strong>´Þ¤á¤Ê¤¤</strong>¤³¤È¤¬
Apache ¥°¥ë¡¼¥×¤Ç·èÄꤵ¤ì¤Æ¤¤¤Þ¤¹¡£¤³¤ì¤Ï¡¢suEXEC
¤ÎÀßÄê¤Ë¤Ï´ÉÍý¼Ô¤Î¾ÜºÙ¤Ë¤ï¤¿¤ë¿µ½Å¤ÊÃí°Õ¤¬É¬ÍפÀ¤«¤é¤Ç¤¹¡£
suEXEC ¤ÎÍÍ¡¹¤ÊÀßÄê¤Ë¤Ä¤¤¤Æ¸¡Æ¤¤¬½ª¤ï¤ì¤Ð¡¢´ÉÍý¼Ô¤Ï suEXEC
¤òÄ̾ï¤Î¥¤¥ó¥¹¥È¡¼¥ëÊýË¡¤Ç¥¤¥ó¥¹¥È¡¼¥ë¤¹¤ë¤³¤È¤¬¤Ç¤­¤Þ¤¹¡£
¤³¤ì¤é¤ÎÀßÄêÃͤϡ¢suEXEC
µ¡Ç½¤Î»ÈÍÑÃæ¤Ë¥·¥¹¥Æ¥à¥»¥­¥å¥ê¥Æ¥£¤òŬÀÚ¤ËÊݤĤ¿¤á¤Ë¡¢
´ÉÍý¼Ô¤Ë¤è¤Ã¤Æ¿µ½Å¤Ë·èÄꤵ¤ì»ØÄꤵ¤ì¤ë¤³¤È¤¬É¬ÍפǤ¹¡£
¤³¤Î¾ÜºÙ¤Ê¼ê½ç¤Ë¤è¤ê¡¢Apache ¥°¥ë¡¼¥×¤Ï¡¢suEXEC
¤Î¥¤¥ó¥¹¥È¡¼¥ë¤Ë¤Ä¤¤¤Æ¡¢Ãí°Õ¿¼¤¯½½Ê¬¤Ë¸¡Æ¤¤·¤Æ¤½¤ì¤ò»ÈÍѤ¹¤ë¤³¤È¤ò
·èÄꤷ¤¿¾ì¹ç¤Ë¸Â¤Ã¤Æ¤¤¤¿¤À¤­¤¿¤¤¤È¹Í¤¨¤Æ¤¤¤Þ¤¹¡£
</p>
<p>¤½¤ì¤Ç¤â¿Ê¤ß¤Þ¤¹¤«? ¤è¤í¤·¤¤¡£¤Ç¤Ï¡¢Àè¤Ø¿Ê¤ß¤Þ¤·¤ç¤¦!</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
<h2><a name="model" id="model">suEXEC ¥»¥­¥å¥ê¥Æ¥£¥â¥Ç¥ë</a></h2>
<p>suEXEC ¤ÎÀßÄê¤È¥¤¥ó¥¹¥È¡¼¥ë¤ò»Ï¤á¤ëÁ°¤Ë¡¢
¤Þ¤º¼ÂÁõ¤·¤è¤¦¤È¤·¤Æ¤¤¤ë¥»¥­¥å¥ê¥Æ¥£¥â¥Ç¥ë¤Ë¤Ä¤¤¤ÆÏÀ¤¸¤Æ¤ª¤­¤Þ¤¹¡£
¤½¤ì¤Ë¤Ï¡¢suEXEC ¤ÎÆâÉô¤Ç¹Ô¤Ê¤ï¤ì¤Æ¤¤¤ë¤³¤È¡¢
¥·¥¹¥Æ¥à¤Î¥»¥­¥å¥ê¥Æ¥£¤òÊݾڤ¹¤ë¤¿¤á¤Ë·Ù¹ð¤µ¤ì¤ë¤³¤È¤ò
¤è¤¯Íý²ò¤·¤Æ¤ª¤¤¤¿Êý¤¬¤è¤¤¤Ç¤·¤ç¤¦¡£</p>
<p><strong>suEXEC</strong> ¤Ï¡¢Apache web
¥µ¡¼¥Ð¤«¤é¸Æ¤Ó½Ð¤µ¤ì¤ë setuid ¤µ¤ì¤¿ "wrapper"
¥×¥í¥°¥é¥à¤¬´ðËܤȤʤäƤ¤¤Þ¤¹¡£À߷פ·¤¿ CGI¡¢¤Þ¤¿¤Ï SSI
¥×¥í¥°¥é¥à¤Ø¤Î HTTP ¥ê¥¯¥¨¥¹¥È¤¬¤¢¤ë¤È¡¢¤³¤Î wrapper
¤¬¸Æ¤Ó½Ð¤µ¤ì¤Þ¤¹¡£¤³¤Î¤è¤¦¤Ê¥ê¥¯¥¨¥¹¥È¤¬¤¢¤ë¤È¡¢Apache
¤Ï¤½¤Î¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤ëºÝ¤Î¥×¥í¥°¥é¥à̾¤È¥æ¡¼¥¶ ID ¤È¥°¥ë¡¼¥×
ID ¤ò»ØÄꤷ¤Æ suEXEC wrapper ¤ò¼Â¹Ô¤·¤Þ¤¹¡£
</p>
<p>¤½¤ì¤«¤é¡¢wrapper ¤ÏÀ®¸ù¤Þ¤¿¤Ï¼ºÇÔ¤ò·èÄꤹ¤ë¤¿¤á
°Ê²¼¤Î½èÍý¤ò¹Ô¤Ê¤¤¤Þ¤¹¡£¤³¤ì¤é¤Î¾õÂ֤Τ¦¤Á°ì¤Ä¤Ç¤â¼ºÇÔ¤·¤¿¾ì¹ç¡¢
¥×¥í¥°¥é¥à¤Ï¼ºÇÔ¤ò¥í¥°¤Ëµ­Ï¿¤·¤Æ¥¨¥é¡¼¤Ç½ªÎ»¤·¤Þ¤¹¡£
¤½¤¦¤Ç¤Ê¤±¤ì¤Ð¡¢¸å¤Î½èÍý¤¬Â³¤±¤é¤ì¤Þ¤¹¡£</p>
<ol>
<li>
<strong>wrapper
¤ò¼Â¹Ô¤·¤Æ¤¤¤ë¥æ¡¼¥¶¤Ï¤³¤Î¥·¥¹¥Æ¥à¤ÎÀµÅö¤Ê¥æ¡¼¥¶¤«?</strong>
<p class="indent">
¤³¤ì¤Ï¡¢wrapper ¤ò¼Â¹Ô¤·¤Æ¤¤¤ë¥æ¡¼¥¶¤¬
ËÜÅö¤Ë¥·¥¹¥Æ¥à¤ÎÍøÍѼԤǤ¢¤ë¤³¤È¤òÊݾڤ¹¤ë¤¿¤á¤Ç¤¹¡£
</p>
</li>
<li>
<strong>wrapper ¤¬Å¬Àڤʿô¤Î°ú¿ô¤Ç¸Æ¤Ó½Ð¤µ¤ì¤¿¤«?</strong>
<p class="indent">
wrapper ¤ÏŬÀڤʿô¤Î°ú¿ô¤¬Í¿¤¨¤é¤ì¤¿¾ì¹ç¤Ë¤Î¤ß¼Â¹Ô¤µ¤ì¤Þ¤¹¡£
ŬÀڤʰú¿ô¤Î¥Õ¥©¡¼¥Þ¥Ã¥È¤Ï Apache Web ¥µ¡¼¥Ð¤Ë²ò¼á¤µ¤ì¤Þ¤¹¡£
ŬÀڤʿô¤Î°ú¿ô¤ò¼õ¤±¼è¤é¤Ê¤±¤ì¤Ð¡¢¹¶·â¤ò¤µ¤ì¤¿¤«
¤¢¤Ê¤¿¤Î Apache ¥Ð¥¤¥Ê¥ê¤Î suEXEC ¤ÎÉôʬ¤¬
¤É¤³¤«¤ª¤«¤·¤¤²ÄǽÀ­¤¬¤¢¤ê¤Þ¤¹¡£
</p>
</li>
<li>
<strong>¤³¤ÎÀµÅö¤Ê¥æ¡¼¥¶¤Ï wrapper
¤Î¼Â¹Ô¤òµö²Ä¤µ¤ì¤Æ¤¤¤ë¤«?</strong>
<p class="indent">
¤³¤Î¥æ¡¼¥¶¤Ï wrapper ¼Â¹Ô¤òµö²Ä¤µ¤ì¤¿¥æ¡¼¥¶¤Ç¤¹¤«?
¤¿¤À°ì¿Í¤Î¥æ¡¼¥¶ (Apache ¥æ¡¼¥¶) ¤À¤±¤¬¡¢
¤³¤Î¥×¥í¥°¥é¥à¤Î¼Â¹Ô¤òµö²Ä¤µ¤ì¤Þ¤¹¡£
</p>
</li>
<li>
<strong>ÂоݤΠCGI, SSI ¥×¥í¥°¥é¥à¤¬°ÂÁ´¤Ç¤Ê¤¤³¬Áؤλ²¾È¤ò¤·¤Æ¤¤¤ë¤«?
</strong>
<p class="indent">
ÂоݤΠCGI, SSI ¥×¥í¥°¥é¥à¤¬ '/' ¤«¤é»Ï¤Þ¤ë¡¢¤Þ¤¿¤Ï
'..' ¤Ë¤è¤ë»²¾È¤ò¹Ô¤Ê¤Ã¤Æ¤¤¤Þ¤¹¤«? ¤³¤ì¤é¤Ïµö²Ä¤µ¤ì¤Þ¤»¤ó¡£
ÂÐ¾Ý¤Î¥×¥í¥°¥é¥à¤Ï suEXEC ¤Î¥É¥­¥å¥á¥ó¥È¥ë¡¼¥È
(²¼µ­¤Î <code>--with-suexec-docroot=<em>DIR</em></code> ¤ò»²¾È)
Æâ¤Ë¸ºß¤·¤Ê¤±¤ì¤Ð¤Ê¤ê¤Þ¤»¤ó¡£
</p>
</li>
<li>
<strong>ÂоݤȤʤë¥æ¡¼¥¶Ì¾¤ÏÀµÅö¤Ê¤â¤Î¤«?</strong>
<p class="indent">
ÂоݤȤʤë¥æ¡¼¥¶Ì¾¤Ï¸ºß¤·¤Æ¤¤¤Þ¤¹¤«?
</p>
</li>
<li>
<strong>ÂоݤȤʤ륰¥ë¡¼¥×̾¤ÏÀµÅö¤Ê¤â¤Î¤«?</strong>
<p class="indent">
ÂоݤȤʤ륰¥ë¡¼¥×̾¤Ï¸ºß¤·¤Æ¤¤¤Þ¤¹¤«?
</p>
</li>
<li>
<strong>ÌÜŪ¤Î¥æ¡¼¥¶¤Ï¥¹¡¼¥Ñ¡¼¥æ¡¼¥¶¤Ç¤Ï<em>¤Ê¤¤</em>¤«?
</strong>
<p class="indent">
º£¤Î¤È¤³¤í¡¢suEXEC ¤Ï <code><em>root</em></code> ¤Ë¤è¤ë CGI/SSI
¥×¥í¥°¥é¥à¤Î¼Â¹Ô¤òµö²Ä¤·¤Æ¤¤¤Þ¤»¤ó¡£
</p>
</li>
<li>
<strong>ÂоݤȤʤë¥æ¡¼¥¶ ID ¤Ï¡¢ºÇ¾®¤Î ID
ÈÖ¹æ¤è¤ê¤â<em>Â礭¤¤</em>¤«? </strong>
<p class="indent">
ºÇ¾®¥æ¡¼¥¶ ID ÈÖ¹æ¤ÏÀßÄê»þ¤Ë»ØÄꤵ¤ì¤Þ¤¹¡£¤³¤ì¤Ï¡¢
CGI/SSI ¥×¥í¥°¥é¥à¼Â¹Ô¤òµö²Ä¤µ¤ì¤ë¥æ¡¼¥¶ ID
¤Î¤È¤ê¤¦¤ëºÇ¾®ÃͤǤ¹¡£¤³¤ì¤Ï
"system" ÍѤΥ¢¥«¥¦¥ó¥È¤òÊĤá½Ð¤¹¤Î¤ËÍ­¸ú¤Ç¤¹¡£
</p>
</li>
<li>
<strong>ÂоݤȤʤ륰¥ë¡¼¥×¤Ï¥¹¡¼¥Ñ¡¼¥æ¡¼¥¶¤Î¥°¥ë¡¼¥×¤Ç¤Ï
<em>¤Ê¤¤</em>¤«?</strong>
<p class="indent">
º£¤Î¤È¤³¤í¡¢suEXEC ¤Ï 'root' ¥°¥ë¡¼¥×¤Ë¤è¤ë CGI/SSI
¥×¥í¥°¥é¥à¤Î¼Â¹Ô¤òµö²Ä¤·¤Æ¤¤¤Þ¤»¤ó¡£
</p>
</li>
<li>
<strong>ÂоݤȤʤ륰¥ë¡¼¥× ID ¤ÏºÇ¾®¤Î ID
ÈÖ¹æ¤è¤ê¤â<em>Â礭¤¤</em>¤«?</strong>
<p class="indent">
ºÇ¾®¥°¥ë¡¼¥× ID ÈÖ¹æ¤ÏÀßÄê»þ¤Ë»ØÄꤵ¤ì¤Þ¤¹¡£¤³¤ì¤Ï¡¢
CGI/SSI ¥×¥í¥°¥é¥à¼Â¹Ô¤òµö²Ä¤µ¤ì¤ë¥°¥ë¡¼¥×
ID ¤Î¤È¤ê¤¦¤ëºÇ¾®ÃͤǤ¹¡£
¤³¤ì¤Ï "system" ÍѤΥ°¥ë¡¼¥×¤òÊĤá½Ð¤¹¤Î¤ËÍ­¸ú¤Ç¤¹¡£
</p>
</li>
<li>
<strong>wrapper ¤¬Àµ¾ï¤ËÂоݤȤʤë¥æ¡¼¥¶¤È¥°¥ë¡¼¥×¤Ë¤Ê¤ì¤ë¤«?
</strong>
<p class="indent">
¤³¤³¤Ç¡¢setuid ¤È setgid
¤Îµ¯Æ°¤Ë¤è¤ê¥×¥í¥°¥é¥à¤ÏÂоݤȤʤë¥æ¡¼¥¶¤È¥°¥ë¡¼¥×¤Ë¤Ê¤ê¤Þ¤¹¡£
¥°¥ë¡¼¥×¥¢¥¯¥»¥¹¥ê¥¹¥È¤Ï¡¢
¥æ¡¼¥¶¤¬Â°¤·¤Æ¤¤¤ë¤¹¤Ù¤Æ¤Î¥°¥ë¡¼¥×¤Ç½é´ü²½¤µ¤ì¤Þ¤¹¡£
</p>
</li>
<li>
<strong>CGI/SSI ¥×¥í¥°¥é¥à¤¬ÃÖ¤«¤ì¤Æ¤¤¤ë¥Ç¥£¥ì¥¯¥È¥ê¤Ë°ÜÆ°
(change directory) ¤Ç¤­¤ë¤«?</strong>
<p class="indent">
¥Ç¥£¥ì¥¯¥È¥ê¤¬Â¸ºß¤·¤Ê¤¤¤Ê¤é¡¢¤½¤Î¥Õ¥¡¥¤¥ë¤â¸ºß¤·¤Ê¤¤¤«¤â¤·¤ì¤Þ¤»¤ó¡£
¥Ç¥£¥ì¥¯¥È¥ê¤Ë°ÜÆ°¤Ç¤­¤Ê¤¤¤Î¤Ç¤¢¤ì¤Ð¡¢¤ª¤½¤é¤¯Â¸ºß¤â¤·¤Ê¤¤¤Ç¤·¤ç¤¦¡£
</p>
</li>
<li>
<strong>¥Ç¥£¥ì¥¯¥È¥ê¤¬ Apache ¤Î¥É¥­¥å¥á¥ó¥È¥Ä¥ê¡¼Æâ¤Ë¤¢¤ë¤«?
</strong>
<p class="indent">
¥ê¥¯¥¨¥¹¥È¤¬¥µ¡¼¥ÐÆâ¤Î¤â¤Î¤Ç¤¢¤ì¤Ð¡¢
Í׵ᤵ¤ì¤¿¥Ç¥£¥ì¥¯¥È¥ê¤¬ suEXEC ¤Î¥É¥­¥å¥á¥ó¥È¥ë¡¼¥ÈÇÛ²¼¤Ë¤¢¤ê¤Þ¤¹¤«?
¥ê¥¯¥¨¥¹¥È¤¬ UserDir ¤Î¤â¤Î¤Ç¤¢¤ì¤Ð¡¢Í׵ᤵ¤ì¤¿¥Ç¥£¥ì¥¯¥È¥ê¤¬ suEXEC
¤Î¥æ¡¼¥¶¤Î¥É¥­¥å¥á¥ó¥È¥ë¡¼¥ÈÇÛ²¼¤Ë¤¢¤ê¤Þ¤¹¤«?
(<a href="#install">suEXEC ÀßÄꥪ¥×¥·¥ç¥ó</a> »²¾È)
</p>
</li>
<li>
<strong>¥Ç¥£¥ì¥¯¥È¥ê¤ò¾¤Î¥æ¡¼¥¶¤¬½ñ¤­¹þ¤á¤ë¤è¤¦¤Ë¤Ê¤Ã¤Æ
<em>¤¤¤Ê¤¤</em>¤«?</strong>
<p class="indent">
¥Ç¥£¥ì¥¯¥È¥ê¤ò¾¥æ¡¼¥¶¤Ë³«Êü¤·¤Ê¤¤¤è¤¦¤Ë¤·¤Þ¤¹¡£
½êÍ­¥æ¡¼¥¶¤À¤±¤¬¤³¤Î¥Ç¥£¥ì¥¯¥È¥ê¤ÎÆâÍƤò²þÊѤǤ­¤ë¤è¤¦¤Ë¤·¤Þ¤¹¡£
</p>
</li>
<li>
<strong>ÂоݤȤʤë CGI/SSI ¥×¥í¥°¥é¥à¤Ï¸ºß¤¹¤ë¤«?</strong>
<p class="indent">
¸ºß¤·¤Ê¤±¤ì¤Ð¼Â¹Ô¤Ç¤­¤Þ¤»¤ó¡£
</p>
</li>
<li>
<strong>ÂоݤȤʤë CGI/SSI ¥×¥í¥°¥é¥à¥Õ¥¡¥¤¥ë¤¬Â¾¥¢¥«¥¦¥ó¥È¤«¤é
½ñ¤­¹þ¤á¤ë¤è¤¦¤Ë¤Ê¤Ã¤Æ<em>¤¤¤Ê¤¤</em>¤«?</strong>
<p class="indent">
½êÍ­¼Ô°Ê³°¤Ë¤Ï CGI/SSI ¥×¥í¥°¥é¥à¤òÊѹ¹¤¹¤ë¸¢¸Â¤ÏÍ¿¤¨¤é¤ì¤Þ¤»¤ó¡£
</p>
</li>
<li>
<strong>ÂоݤȤʤë CGI/SSI ¥×¥í¥°¥é¥à¤¬ setuid ¤Þ¤¿¤Ï setgid
¤µ¤ì¤Æ<em>¤¤¤Ê¤¤</em>¤«?</strong>
<p class="indent">
UID/GID ¤òºÆÅÙÊѹ¹¤·¤Æ¤Î¥×¥í¥°¥é¥à¼Â¹Ô¤Ï¤·¤Þ¤»¤ó
</p>
</li>
<li>
<strong>ÂоݤȤʤë¥æ¡¼¥¶/¥°¥ë¡¼¥×¤¬¥×¥í¥°¥é¥à¤Î
¥æ¡¼¥¶/¥°¥ë¡¼¥×¤ÈƱ¤¸¤«?</strong>
<p class="indent">
¥æ¡¼¥¶¤¬¤½¤Î¥Õ¥¡¥¤¥ë¤Î½êÍ­¼Ô¤Ç¤¹¤«?
</p>
</li>
<li>
<strong>°ÂÁ´¤ÊÆ°ºî¤òÊݾڤ¹¤ë¤¿¤á¤Î´Ä¶­ÊÑ¿ô¥¯¥ê¥¢¤¬²Äǽ¤«?
</strong>
<p class="indent">
suEXEC ¤Ï¡¢°ÂÁ´¤Ê´Ä¶­ÊÑ¿ô¤Î¥ê¥¹¥È
(¤³¤ì¤é¤ÏÀßÄê»þ¤ËºîÀ®¤µ¤ì¤Þ¤¹) Æâ¤ÎÊÑ¿ô¤È¤·¤ÆÅϤµ¤ì¤ë°ÂÁ´¤Ê
PATH ÊÑ¿ô (ÀßÄê»þ¤Ë»ØÄꤵ¤ì¤Þ¤¹) ¤òÀßÄꤹ¤ë¤³¤È¤Ç¡¢
¥×¥í¥»¥¹¤Î´Ä¶­ÊÑ¿ô¤ò¥¯¥ê¥¢¤·¤Þ¤¹¡£
</p>
</li>
<li>
<strong>ÂоݤȤʤë CGI/SSI ¥×¥í¥°¥é¥à¤ò exec ¤·¤Æ¼Â¹Ô¤Ç¤­¤ë¤«?</strong>
<p class="indent">
¤³¤³¤Ç suEXEC ¤¬½ªÎ»¤·¡¢ÂоݤȤʤë¥×¥í¥°¥é¥à¤¬³«»Ï¤µ¤ì¤Þ¤¹¡£
</p>
</li>
</ol>
<p>¤³¤³¤Þ¤Ç¤¬ suEXEC ¤Î wrapper
¤Ë¤ª¤±¤ë¥»¥­¥å¥ê¥Æ¥£¥â¥Ç¥ë¤Îɸ½àŪ¤ÊÆ°ºî¤Ç¤¹¡£¤â¤¦¾¯¤·¸·½Å¤Ë
CGI/SSI À߷פˤĤ¤¤Æ¤Î¿·¤·¤¤À©¸Â¤äµ¬Äê¤ò¼è¤êÆþ¤ì¤ë¤³¤È¤â¤Ç¤­¤Þ¤¹¤¬¡¢
suEXEC ¤Ï¥»¥­¥å¥ê¥Æ¥£¤ËÃí°Õ¤·¤Æ¿µ½Å¤Ë¾¯¤·¤º¤Ä³«È¯¤µ¤ì¤Æ¤­¤Þ¤·¤¿¡£
</p>
<p>¤³¤Î¥»¥­¥å¥ê¥Æ¥£¥â¥Ç¥ë¤òÍѤ¤¤Æ
¥µ¡¼¥ÐÀßÄê»þ¤Ë¤É¤Î¤è¤¦¤Ëµö¤¹¤³¤È¤òÀ©¸Â¤¹¤ë¤«¡¢¤Þ¤¿¡¢suEXEC
¤òŬÀÚ¤ËÀßÄꤹ¤ë¤È¤É¤Î¤è¤¦¤Ê¥»¥­¥å¥ê¥Æ¥£¾å¤Î´í¸±¤òÈò¤±¤é¤ì¤ë¤«¤Ë
´Ø¤¹¤ë¤è¤ê¾Ü¤·¤¤¾ðÊó¤Ë¤Ä¤¤¤Æ¤Ï¡¢<a href="#jabberwock">"¤È¤«¤²¤ËÃí°Õ"
(Beware the Jabberwock)</a> ¤Î¾Ï¤ò»²¾È¤·¤Æ¤¯¤À¤µ¤¤¡£
</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
<h2><a name="install" id="install">suEXEC
¤ÎÀßÄê¤È¥¤¥ó¥¹¥È¡¼¥ë</a></h2>
<p>¤³¤³¤«¤é³Ú¤·¤¯¤Ê¤ê¤Þ¤¹¡£</p>
<p><strong>suEXEC
ÀßÄꥪ¥×¥·¥ç¥ó</strong><br />
</p>
<dl>
<dt><code>--enable-suexec</code></dt>
<dd>¤³¤Î¥ª¥×¥·¥ç¥ó¤Ï¡¢¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤º¡¢
Í­¸ú¤Ë¤Ï¤Ê¤é¤Ê¤¤ suEXEC µ¡Ç½¤òÍ­¸ú¤Ë¤·¤Þ¤¹¡£
suEXEC ¤ò»È¤¦¤è¤¦¤Ë APACI ¤ËÍ׵᤹¤ë¤Ë¤Ï¡¢<code>--enable-suexec</code>
¥ª¥×¥·¥ç¥ó¤Ë¤¢¤ï¤»¤Æ¾¯¤Ê¤¯¤È¤â°ì¤Ä¤Ï <code>--with-suexec-xxxxx</code>
¥ª¥×¥·¥ç¥ó¤¬»ØÄꤵ¤ì¤Ê¤±¤ì¤Ð¤Ê¤ê¤Þ¤»¤ó¡£</dd>
<dt><code>--with-suexec-bin=<em>PATH</em></code></dt>
<dd>¥»¥­¥å¥ê¥Æ¥£¾å¤ÎÍýͳ¤Ë¤è¤ê¡¢<code>suexec</code> ¥Ð¥¤¥Ê¥ê¤Î¥Ñ¥¹¤Ï¥µ¡¼¥Ð¤Ë
¥Ï¡¼¥É¥³¡¼¥É¤µ¤ì¤Æ¤¤¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£¥Ç¥Õ¥©¥ë¥È¤Î¥Ñ¥¹¤ò
ÊѤ¨¤¿¤¤¤È¤­¤Ï¤³¤Î¥ª¥×¥·¥ç¥ó¤ò»È¤Ã¤Æ¤¯¤À¤µ¤¤¡£<em>Î㤨¤Ð</em>¡¢
<code>--with-suexec-bin=/usr/sbin/suexec</code> ¤Î¤è¤¦¤Ë¡£</dd>
<dt><code>--with-suexec-caller=<em>UID</em></code></dt>
<dd>Apache ¤òÄ̾ïÆ°ºî¤µ¤»¤ë<a href="mod/mpm_common.html#user">¥æ¡¼¥¶Ì¾</a>¤ò»ØÄꤷ¤Þ¤¹¡£
¤³¤Î¥æ¡¼¥¶¤À¤±¤¬ suexec ¤Î¼Â¹Ô¤òµö²Ä¤µ¤ì¤¿¥æ¡¼¥¶¤Ë¤Ê¤ê¤Þ¤¹¡£</dd>
<dt><code>--with-suexec-userdir=<em>DIR</em></code></dt>
<dd>suEXEC ¤¬¥¢¥¯¥»¥¹¤òµö¤µ¤ì¤ë¥æ¡¼¥¶¥Û¡¼¥à¥Ç¥£¥ì¥¯¥È¥êÇÛ²¼¤Î
¥µ¥Ö¥Ç¥£¥ì¥¯¥È¥ê¤ò»ØÄꤷ¤Þ¤¹¡£
¤³¤Î¥Ç¥£¥ì¥¯¥È¥ê°Ê²¼¤ÎÁ´¼Â¹Ô¥Õ¥¡¥¤¥ë¤Ï¡¢"°ÂÁ´¤Ê"¥×¥í¥°¥é¥à¤Ë¤Ê¤ë¤è¤¦¡¢
suEXEC ¤¬¤½¤Î¥æ¡¼¥¶¤È¤·¤Æ¼Â¹Ô¤Ç¤­¤ë¤è¤¦¤Ë¤·¤Þ¤¹¡£
"ñ½ã¤Ê" UserDir ¥Ç¥£¥ì¥¯¥Æ¥£¥Ö¤ò»È¤Ã¤Æ¤¤¤ë¾ì¹ç
(¤¹¤Ê¤ï¤Á "*" ¤ò´Þ¤Þ¤Ê¤¤¤â¤Î)¡¢¤³¤ì¤ÈƱ¤¸ÃͤòÀßÄꤹ¤Ù¤­¤Ç¤¹¡£
Userdir ¥Ç¥£¥ì¥¯¥Æ¥£¥Ö¤¬¤½¤Î¥æ¡¼¥¶¤Î¥Ñ¥¹¥ï¡¼¥É¥Õ¥¡¥¤¥ëÆâ¤Î
¥Û¡¼¥à¥Ç¥£¥ì¥¯¥È¥ê¤ÈƱ¤¸¾ì½ê¤ò»Ø¤·¤Æ¤¤¤Ê¤±¤ì¤Ð¡¢
suEXEC ¤ÏŬÀÚ¤ËÆ°ºî¤·¤Þ¤»¤ó¡£¥Ç¥Õ¥©¥ë¥È¤Ï "public_html" ¤Ç¤¹¡£
<br />
³Æ UserDir ¤¬°Û¤Ê¤Ã¤¿²¾ÁÛ¥Û¥¹¥È¤òÀßÄꤷ¤Æ¤¤¤ë¾ì¹ç¡¢
¤½¤ì¤é¤òÁ´¤Æ°ì¤Ä¤Î¿Æ¥Ç¥£¥ì¥¯¥È¥ê¤Ë´Þ¤á¤Æ¡¢
¤½¤Î¿Æ¥Ç¥£¥ì¥¯¥È¥ê¤Î̾Á°¤ò¤³¤³¤Ç»ØÄꤹ¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£
<strong>¤³¤Î¤è¤¦¤Ë»ØÄꤵ¤ì¤Ê¤±¤ì¤Ð "~userdir" cgi
¤Ø¤Î¥ê¥¯¥¨¥¹¥È¤¬Æ°ºî¤·¤Þ¤»¤ó¡£</strong></dd>
<dt><code>--with-suexec-docroot=<em>DIR</em></code></dt>
<dd>Apache ¤Î¥É¥­¥å¥á¥ó¥È¥ë¡¼¥È¤òÀßÄꤷ¤Þ¤¹¡£¤³¤ì¤¬ suEXEC
¤ÎÆ°ºî¤Ç»ÈÍѤ¹¤ëÍ£°ì¤Î¥Ç¥£¥ì¥¯¥È¥ê³¬Áؤˤʤê¤Þ¤¹ (UserDir
¤Î»ØÄê¤ÏÊÌ)¡£¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï <code>--datedir</code> ¤Ë "/htdocs"
¤È¤¤¤¦¥µ¥Õ¥£¥Ã¥¯¥¹¤ò¤Ä¤±¤¿¤â¤Î¤Ç¤¹¡£
"<code>--datadir=/home/apache</code>" ¤È¤·¤ÆÀßÄꤹ¤ë¤È¡¢
suEXEC wrapper ¤Ë¤È¤Ã¤Æ "/home/apache/htdocs"
¤¬¥É¥­¥å¥á¥ó¥È¥ë¡¼¥È¤È¤·¤Æ»È¤ï¤ì¤Þ¤¹¡£</dd>
<dt><code>--with-suexec-uidmin=<em>UID</em></code></dt>
<dd>suEXEC ¤ÎÂоݥ桼¥¶¤È¤·¤Æµö¤µ¤ì¤ë UID ¤ÎºÇ¾®Ãͤò»ØÄꤷ¤Þ¤¹¡£
ÂçÄñ¤Î¥·¥¹¥Æ¥à¤Ç¤Ï 500 ¤« 100 ¤¬°ìÈÌŪ¤Ç¤¹¡£
¥Ç¥Õ¥©¥ë¥ÈÃÍ¤Ï 100 ¤Ç¤¹¡£</dd>
<dt><code>--with-suexec-gidmin=<em>GID</em></code></dt>
<dd>suEXEC ¤ÎÂоݥ°¥ë¡¼¥×¤È¤·¤Æµö¤µ¤ì¤ë GID
¤ÎºÇ¾®Ãͤò»ØÄꤷ¤Þ¤¹¡£ÂçÄñ¤Î¥·¥¹¥Æ¥à¤Ç¤Ï 100 ¤¬°ìÈÌŪ¤Ê¤Î¤Ç¡¢
¥Ç¥Õ¥©¥ë¥ÈÃͤȤ·¤Æ¤â 100 ¤¬»È¤ï¤ì¤Æ¤¤¤Þ¤¹¡£</dd>
<dt><code>--with-suexec-logfile=<em>FILE</em></code></dt>
<dd>suEXEC ¤Î½èÍý¤È¥¨¥é¡¼¤¬µ­Ï¿¤µ¤ì¤ë¥Õ¥¡¥¤¥ë̾¤ò»ØÄꤷ¤Þ¤¹¡£
(´Æºº¤ä¥Ç¥Ð¥Ã¥°ÌÜŪ¤ËÍ­ÍÑ)
¥Ç¥Õ¥©¥ë¥È¤Ç¤Ï¥í¥°¥Õ¥¡¥¤¥ë¤Ï "suexec_log" ¤È¤¤¤¦Ì¾Á°¤Ç¡¢
ɸ½à¤Î¥í¥°¥Õ¥¡¥¤¥ë¥Ç¥£¥ì¥¯¥È¥ê (<code>--logfiledir</code>) ¤ËÃÖ¤«¤ì¤Þ¤¹¡£
</dd>
<dt><code>--with-suexec-safepath=<em>PATH</em></code></dt>
<dd>CGI ¼Â¹Ô¥Õ¥¡¥¤¥ë¤ËÅϤµ¤ì¤ë°ÂÁ´¤Ê PATH ´Ä¶­ÊÑ¿ô¤Ç¤¹¡£
¥Ç¥Õ¥©¥ë¥ÈÃÍ¤Ï "/usr/local/bin:/usr/bin:/bin" ¤Ç¤¹¡£
</dd>
</dl>
<p><strong>suEXEC wrapper
¤Î¥³¥ó¥Ñ¥¤¥ë¤È¥¤¥ó¥¹¥È¡¼¥ë</strong><br />
<code>--enable-suexec</code> ¥ª¥×¥·¥ç¥ó¤Ç suEXEC µ¡Ç½¤òÍ­¸ú¤Ë¤¹¤ë¤È¡¢
"make" ¥³¥Þ¥ó¥É¤ò¼Â¹Ô¤·¤¿»þ¤Ë <code>suexec</code> ¤Î¥Ð¥¤¥Ê¥ê (Apache ¼«ÂΤâ)
¤¬¼«Æ°Åª¤ËºîÀ®¤µ¤ì¤Þ¤¹¡£
<br />
¤¹¤Ù¤Æ¤Î¹½À®Í×ÁǤ¬ºîÀ®¤µ¤ì¤ë¤È¡¢¤½¤ì¤é¤Î¥¤¥ó¥¹¥È¡¼¥ë¤Ë¤Ï
<code>make install</code> ¥³¥Þ¥ó¥É¤¬¼Â¹Ô¤Ç¤­¤Þ¤¹¡£¥Ð¥¤¥Ê¥ê¥¤¥á¡¼¥¸¤Î <code>suexec</code>
¤Ï <code>--sbindir</code> ¥ª¥×¥·¥ç¥ó¤Ç»ØÄꤵ¤ì¤¿¥Ç¥£¥ì¥¯¥È¥ê¤Ë¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Þ¤¹¡£
¥Ç¥Õ¥©¥ë¥È¤Î¾ì½ê¤Ï "/usr/local/apache/sbin/suexec" ¤Ç¤¹¡£<br />
¥¤¥ó¥¹¥È¡¼¥ë»þ¤Ë¤Ï <strong><em>root</em></strong>
¸¢¸Â¤¬É¬ÍפʤΤÇÃí°Õ¤·¤Æ¤¯¤À¤µ¤¤¡£wrapper ¤¬¥æ¡¼¥¶ ID
¤òÀßÄꤹ¤ë¤¿¤á¤Ë¡¢½êÍ­¼Ô <code><em>root</em></code>
¤Ç¤Î¥»¥Ã¥È¥æ¡¼¥¶ ID
¥Ó¥Ã¥È¤ò¤½¤Î¥Õ¥¡¥¤¥ë¤Î¥â¡¼¥É¤ËÀßÄꤷ¤Ê¤±¤ì¤Ð¤Ê¤ê¤Þ¤»¤ó¡£
</p>
<p><strong>°ÂÁ´¤Ê¥Ñ¡¼¥ß¥Ã¥·¥ç¥ó¤òÀßÄꤹ¤ë</strong><br />
suEXEC ¥é¥Ã¥Ñ¡¼¤Ï¡¢<code>--with-suexec-caller</code> configure
¥ª¥×¥·¥ç¥ó¤Ç»ØÄꤷ¤¿Àµ¤·¤¤¥æ¡¼¥¶¤Çµ¯Æ°¤µ¤ì¤Æ¤¤¤ë¤³¤È¤ò³Îǧ¤·¤Þ¤¹¤¬¡¢
¥·¥¹¥Æ¥à¾å¤Ç¤³¤Î¥Á¥§¥Ã¥¯¤¬¹Ô¤Ê¤ï¤ì¤ëÁ°¤Ë¡¢
suEXEC ¤¬¸Æ¤Ö¥·¥¹¥Æ¥à¤ä¥é¥¤¥Ö¥é¥ê¤¬Àȼå¤Ç¤¢¤ë²ÄǽÀ­¤Ï»Ä¤ê¤Þ¤¹¡£Âй³ºö¤È¤·¤Æ¡¢
°ìÈ̤ËÎɤ¤½¬´·¤È¤â¤µ¤ì¤¤¤Þ¤¹¤¬¡¢
¥Õ¥¡¥¤¥ë¥·¥¹¥Æ¥à¥Ñ¡¼¥ß¥Ã¥·¥ç¥ó¤ò»È¤Ã¤Æ
Apache ¤Î¼Â¹Ô»þ¤Î¥°¥ë¡¼¥×¤Î¤ß¤¬ suEXEC ¤ò¼Â¹Ô¤Ç¤­¤ë¤è¤¦¤Ë
¤¹¤ë¤Î¤¬Îɤ¤¤Ç¤·¤ç¤¦¡£</p>
<p>¤¿¤È¤¨¤Ð¡¢¼¡¤Î¤è¤¦¤Ë¥µ¡¼¥Ð¤¬ÀßÄꤵ¤ì¤Æ¤¤¤¿¤È¤·¤Þ¤¹¡£</p>
<div class="example"><p><code>
User www<br />
Group webgroup<br />
</code></p></div>
<p><code>suexec</code> ¤¬ "/usr/local/apache2/sbin/suexec"
¤Ë¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤¿¾ì¹ç¡¢¼¡¤Î¤è¤¦¤ËÀßÄꤹ¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£</p>
<div class="example"><p><code>
chgrp webgroup /usr/local/apache2/bin/suexec<br />
chmod 4750 /usr/local/apache2/bin/suexec<br />
</code></p></div>
<p>¤³¤ì¤Ç Apache ¤¬¼Â¹Ô¤µ¤ì¤ë¥°¥ë¡¼¥×¤Î¤ß¤¬
suEXEC ¥é¥Ã¥Ñ¡¼¤ò¼Â¹Ô¤Ç¤­¤ë¤È¤¤¤¦¤³¤È¤ò
³Î¾Ú¤·¤Þ¤¹¡£</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
<h2><a name="enable" id="enable">suEXEC
¤ÎÍ­¸ú²½¤È̵¸ú²½</a></h2>
<p>µ¯Æ°»þ¤Ë¡¢Apache ¤Ï <code>--sbindir</code>
¥ª¥×¥·¥ç¥ó¤ÇÀßÄꤵ¤ì¤¿¥Ç¥£¥ì¥¯¥È¥ê¤Ç
<code>suexec</code> ¤òõ¤·¤Þ¤¹
(¥Ç¥Õ¥©¥ë¥È¤Ï "/usr/local/apache/sbin/suexec") ¡£
ŬÀÚ¤ËÀßÄꤵ¤ì¤¿ suEXEC ¤¬¤ß¤Ä¤«¤ë¤È¡¢
¥¨¥é¡¼¥í¥°¤Ë°Ê²¼¤Î¥á¥Ã¥»¡¼¥¸¤¬½ÐÎϤµ¤ì¤Þ¤¹¡£</p>
<div class="example"><p><code>
[notice] suEXEC mechanism enabled (wrapper: <em>/path/to/suexec</em>)
</code></p></div>
<p>¥µ¡¼¥Ðµ¯Æ°»þ¤Ë¤³¤Î¥á¥Ã¥»¡¼¥¸¤¬½Ð¤Ê¤¤¾ì¹ç¡¢
ÂçÄñ¤Ï¥µ¡¼¥Ð¤¬ÁÛÄꤷ¤¿¾ì½ê¤Ç wrapper ¥×¥í¥°¥é¥à¤¬¸«¤Ä¤«¤é¤Ê¤«¤Ã¤¿¤«¡¢
<em>setuid root</em> ¤È¤·¤Æ¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤Ê¤¤¤«¤Ç¤¹¡£</p>
<p>suEXEC ¤Î»ÅÁȤߤò»ÈÍѤ¹¤ë¤Î¤¬½é¤á¤Æ¤Ç¡¢Apache ¤¬´û¤ËÆ°ºîÃæ¤Ç¤¢¤ì¤Ð¡¢
Apache ¤ò kill ¤·¤Æ¡¢ºÆµ¯Æ°¤·¤Ê¤±¤ì¤Ð¤Ê¤ê¤Þ¤»¤ó¡£HUP ¥·¥°¥Ê¥ë¤ä
USR1 ¥·¥°¥Ê¥ë¤Ë¤è¤ëñ½ã¤ÊºÆµ¯Æ°¤Ç¤ÏÉÔ½½Ê¬¤Ç¤¹¡£</p>
<p>suEXEC ¤ò̵¸ú¤Ë¤¹¤ë¾ì¹ç¤Ï¡¢<code>suexec</code> ¥Õ¥¡¥¤¥ë¤òºï½ü¤·¤Æ¤«¤é
Apache ¤ò kill ¤·¤ÆºÆµ¯Æ°¤·¤Þ¤¹¡£
</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
<h2><a name="usage" id="usage">suEXEC ¤Î»ÈÍÑ</a></h2>
<p>CGI ¥×¥í¥°¥é¥à¤Ø¤Î¥ê¥¯¥¨¥¹¥È¤¬ suEXEC ¥é¥Ã¥Ñ¡¼¤ò¸Æ¤Ö¤Î¤Ï¡¢
<code class="directive"><a href="./mod/mod_suexec.html#suexecusergroup">SuexecUserGroup</a></code> ¥Ç¥£¥ì¥¯¥Æ¥£¥Ö¤ò
´Þ¤à¥Ð¡¼¥Á¥ã¥ë¥Û¥¹¥È¤Ø¤Î¥ê¥¯¥¨¥¹¥È¤«¡¢<code class="module"><a href="./mod/mod_userdir.html">mod_userdir</a></code> ¤Ë¤è¤ê
½èÍý¤µ¤ì¤¿¥ê¥¯¥¨¥¹¥È¤Î¾ì¹ç¤Ë¸Â¤ê¤Þ¤¹¡£</p>
<p><strong>²¾ÁÛ¥Û¥¹¥È:</strong><br />
suEXEC wrapper ¤Î»È¤¤Êý¤È¤·¤Æ¡¢
<code class="directive"><a href="./mod/core.html#virtualhost">VirtualHost</a></code> ÀßÄê¤Ç¤Î
<code class="directive"><a href="./mod/mod_suexec.html#suexecusergroup">SuexecUserGroup</a></code>
¥Ç¥£¥ì¥¯¥Æ¥£¥Ö¤òÄ̤·¤¿¤â¤Î¤¬¤¢¤ê¤Þ¤¹¡£
¤³¤Î¥Ç¥£¥ì¥¯¥Æ¥£¥Ö¤ò¥á¥¤¥ó¥µ¡¼¥Ð¤Î¥æ¡¼¥¶ ID
¤È°Û¤Ê¤ë¤â¤Î¤Ë¤¹¤ë¤È¡¢CGI ¥ê¥½¡¼¥¹¤Ø¤Î¤¹¤Ù¤Æ¤Î¥ê¥¯¥¨¥¹¥È¤Ï¡¢¤½¤Î
<code class="directive"><a href="./mod/core.html#virtualhost">&lt;VirtualHost&gt;</a></code> ¤Ç»ØÄꤵ¤ì¤¿ <em>User</em> ¤È
<em>Group</em> ¤È¤·¤Æ¼Â¹Ô¤µ¤ì¤Þ¤¹¡£<code class="directive"><a href="./mod/core.html#virtualhost">&lt;VirtualHost&gt;</a></code>
¤Ç¤³¤Î¥Ç¥£¥ì¥¯¥Æ¥£¥Ö¤¬»ØÄꤵ¤ì¤Æ¤¤¤Ê¤¤¾ì¹ç¡¢
¥á¥¤¥ó¥µ¡¼¥Ð¤Î¥æ¡¼¥¶ ID ¤¬ÁÛÄꤵ¤ì¤Þ¤¹¡£</p>
<p><strong>¥æ¡¼¥¶¥Ç¥£¥ì¥¯¥È¥ê:</strong><br />
<code class="module"><a href="./mod/mod_userdir.html">mod_userdir</a></code> ¤Ë¤è¤ê½èÍý¤µ¤ì¤¿¥ê¥¯¥¨¥¹¥È¤Ï
¥ê¥¯¥¨¥¹¥È¤µ¤ì¤¿¥æ¡¼¥¶¥Ç¥£¥ì¥¯¥È¥ê¤Î¥æ¡¼¥¶ ID ¤Ç CGI ¥×¥í¥°¥é¥à¤ò
¼Â¹Ô¤¹¤ë¤¿¤á¤Ë suEXEC ¥é¥Ã¥Ñ¡¼¤ò¸Æ¤Ó¤Þ¤¹¡£
¤³¤Îµ¡Ç½¤òÆ°ºî¤µ¤»¤ë¤¿¤á¤ËɬÍפʤ³¤È¤Ï¡¢CGI
¤ò¤½¤Î¥æ¡¼¥¶¤Ç¼Â¹Ô¤Ç¤­¤ë¤³¤È¡¢¤½¤Î¥¹¥¯¥ê¥×¥È¤¬¾åµ­¤Î<a href="#model">¥»¥­¥å¥ê¥Æ¥£¸¡ºº</a>¤ò¥Ñ¥¹¤Ç¤­¤ë¤³¤È¤Ç¤¹¡£
<a href="#install">¥³¥ó¥Ñ¥¤¥ë
»þ¤Î¥ª¥×¥·¥ç¥ó</a> <code>--with-suexec-userdir</code> ¤â»²¾È¤·¤Æ¤¯¤À¤µ¤¤¡£</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
<h2><a name="debug" id="debug">suEXEC ¤Î¥Ç¥Ð¥Ã¥°</a></h2>
<p>suEXEC wrapper ¤Ï¡¢¾åµ­¤Ç½Ò¤Ù¤¿ <code>--with-suexec-logfile</code>
¥ª¥×¥·¥ç¥ó¤Ç»ØÄꤵ¤ì¤¿¥Õ¥¡¥¤¥ë¤Ë¥í¥°¾ðÊó¤òµ­Ï¿¤·¤Þ¤¹¡£
wrapper ¤òŬÀÚ¤ËÀßÄê¡¢¥¤¥ó¥¹¥È¡¼¥ë¤Ç¤­¤Æ¤¤¤ë¤È»×¤¦¾ì¹ç¡¢
¤É¤³¤Ç̤äƤ¤¤ë¤«¸«¤è¤¦¤È¤¹¤ë¤Ê¤é¤³¤Î¥í¥°¤È¥µ¡¼¥Ð¤Î
¥¨¥é¡¼¥í¥°¤ò¸«¤ë¤È¤è¤¤¤Ç¤·¤ç¤¦¡£</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
<h2><a name="jabberwock" id="jabberwock">¤È¤«¤²¤ËÃí°Õ: ·Ù¹ð¤È»öÎã</a></h2>
<p><strong>Ãí°Õ!</strong>
¤³¤Î¾Ï¤Ï´°Á´¤Ç¤Ï¤¢¤ê¤Þ¤»¤ó¡£¤³¤Î¾Ï¤ÎºÇ¿·²þÄûÈǤˤĤ¤¤Æ¤Ï¡¢
Apache ¥°¥ë¡¼¥×¤Î<a href="http://httpd.apache.org/docs-2.1/suexec.html">
¥ª¥ó¥é¥¤¥ó¥É¥­¥å¥á¥ó¥È</a>ÈǤò»²¾È¤·¤Æ¤¯¤À¤µ¤¤¡£
</p>
<p>¥µ¡¼¥Ð¤ÎÀßÄê¤ËÀ©¸Â¤ò¤â¤¦¤±¤ë wrapper ¤Ë¤Ä¤¤¤Æ¡¢
¤¤¤¯¤Ä¤«¶½Ì£¿¼¤¤ÅÀ¤¬¤¢¤ê¤Þ¤¹¡£suEXEC ¤Ë´Ø¤¹¤ë "¥Ð¥°"
¤òÊó¹ð¤¹¤ëÁ°¤Ë¤³¤ì¤é¤ò³Îǧ¤·¤Æ¤¯¤À¤µ¤¤¡£</p>
<ul>
<li><strong>suEXEC ¤Î¶½Ì£¿¼¤¤ÅÀ</strong></li>
<li>³¬Áع½Â¤¤ÎÀ©¸Â
<p class="indent">
¥»¥­¥å¥ê¥Æ¥£¤È¸úΨ¤ÎÍýͳ¤«¤é¡¢<code>suEXEC</code> ¤ÎÁ´¤Æ¤Î¥ê¥¯¥¨¥¹¥È¤Ï
²¾ÁÛ¥Û¥¹¥È¤Ø¤Î¥ê¥¯¥¨¥¹¥È¤Ë¤ª¤±¤ëºÇ¾å°Ì¤Î¥É¥­¥å¥á¥ó¥È¥ë¡¼¥ÈÆ⤫¡¢
¥æ¡¼¥¶¥Ç¥£¥ì¥¯¥È¥ê¤Ø¤Î¥ê¥¯¥¨¥¹¥È¤Ë¤ª¤±¤ë¸Ä¡¹¤Î¥æ¡¼¥¶¤ÎºÇ¾å°Ì¤Î
¥É¥­¥å¥á¥ó¥È¥ë¡¼¥ÈÆâ¤Ë»Ä¤é¤Ê¤±¤ì¤Ð¤Ê¤ê¤Þ¤»¤ó¡£
Î㤨¤Ð¡¢»Í¤Ä¤Î²¾ÁÛ¥Û¥¹¥È¤òÀßÄꤷ¤Æ¤¤¤ë¾ì¹ç¡¢
²¾ÁÛ¥Û¥¹¥È¤Î suEXEC ¤ËÍ­Íø¤Ê¤è¤¦¤Ë¡¢¥á¥¤¥ó¤Î Apache
¥É¥­¥å¥á¥ó¥È³¬Áؤγ°Â¦¤ËÁ´¤Æ¤Î²¾ÁÛ¥Û¥¹¥È¤Î¥É¥­¥å¥á¥ó¥È¥ë¡¼¥È¤ò
¹½ÃÛ¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£(Îã¤Ï¸åÆüµ­ºÜ)
</p>
</li>
<li>suEXEC ¤Î PATH ´Ä¶­ÊÑ¿ô
<p class="indent">
¤³¤ì¤òÊѹ¹¤¹¤ë¤Î¤Ï´í¸±¤Ç¤¹¡£¤³¤Î»ØÄê¤Ë´Þ¤Þ¤ì¤ë³Æ¥Ñ¥¹¤¬
<strong>¿®Íê¤Ç¤­¤ë</strong>
¥Ç¥£¥ì¥¯¥È¥ê¤Ç¤¢¤ë¤³¤È¤ò³Îǧ¤·¤Æ¤¯¤À¤µ¤¤¡£
À¤³¦¤«¤é¤Î¥¢¥¯¥»¥¹¤Ë¤è¤ê¡¢Ã¯¤«¤¬¥Û¥¹¥È¾å¤Ç¥È¥í¥¤¤ÎÌÚÇÏ
¤ò¼Â¹Ô¤Ç¤­¤ë¤è¤¦¤Ë¤Ï¤·¤¿¤¯¤Ê¤¤¤Ç¤·¤ç¤¦¡£
</p>
</li>
<li>suEXEC ¥³¡¼¥É¤Î²þ¤
<p class="indent">
·«¤êÊÖ¤·¤Þ¤¹¤¬¡¢²¿¤ò¤ä¤í¤¦¤È¤·¤Æ¤¤¤ë¤«ÇÄ°®¤»¤º¤Ë¤³¤ì¤ò¤ä¤ë¤È
<strong>Â礭¤ÊÌäÂê</strong>¤ò°ú¤­µ¯¤³¤·¤«¤Í¤Þ¤»¤ó¡£
²Äǽ¤Ê¸Â¤êÈò¤±¤Æ¤¯¤À¤µ¤¤¡£
</p>
</li>
</ul>
</div></div>
<div class="bottomlang">
<p><span>Available Languages: </span><a href="./en/suexec.html" hreflang="en" rel="alternate" title="English">&nbsp;en&nbsp;</a> |
<a href="./ja/suexec.html" title="Japanese">&nbsp;ja&nbsp;</a> |
<a href="./ko/suexec.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a></p>
</div><div id="footer">
<p class="apache">Copyright 1999-2004 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
<p class="menu"><a href="./mod/">¥â¥¸¥å¡¼¥ë</a> | <a href="./mod/directives.html">¥Ç¥£¥ì¥¯¥Æ¥£¥Ö</a> | <a href="./faq/">FAQ</a> | <a href="./glossary.html">ÍѸì</a> | <a href="./sitemap.html">¥µ¥¤¥È¥Þ¥Ã¥×</a></p></div>
</body></html>