Red Hat Bugzilla – Bug 445598
Update of mod_suphp to 0.6.3 introduces serious backward incompatibility without further notice
Last modified: 2012-03-01 15:02:48 EST
mod_suphp 0.6.3 enforces some additional (but unnecessary from a security point
of view) checks about directory ownership which can not be disabled at runtime.
E.g. if you have several web sites using virtual hosts below /var/www (e.g.
/var/www/foo/shop, /var/www/bar/gallery) suphp enforces that all directories
below /var/www either belong to the root user or to the user the called php
script should be run as.
Issue description upstream:
Debian bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=477646
Several people talked about writing a patch, although so far no code was posted.
Maybe the patch could be applied for EPEL in order to restore the old behavior.
EPEL-4 has reached end of life and is no longer supported.
Please retest your bug against EPEL-5 or EPEL-6 and re-open if the bug persists in the packages available in those releases, or file a new bug.