Description of problem: One of Fedora 15's features was to start moving away from having the suid permission on executables and use a more secure system instead. However, this breaks mod_suexec in httpd because it needs the suid permission on /usr/sbin/suexec. The default permissions (0510) on this application don't work, and so mod_suexec doesn't work on the server. Version-Release number of selected component (if applicable): httpd-2.2.17-10.fc15.1.i686 How reproducible: Always Steps to Reproduce: 1. Install httpd, enable suexec by loading the module and adding SuexecUserGroup to a VirtualHost. 2. Make a test Perl script that simply prints the output of `id` 3. Test it. `id` will say the apache user is running. 4. chmod 4510 /usr/sbin/suexec and test again. `id` will say the user who owns the file is running. Actual results: Unless you add the setuid bit to suexec yourself, suexec doesn't work and the apache user runs your CGI scripts. Expected results: suexec should work without changing permissions. Additional info:
httpd-2.2.19-2.fc15 has been submitted as an update for Fedora 15. https://admin.fedoraproject.org/updates/httpd-2.2.19-2.fc15
Package httpd-2.2.19-2.fc15: * should fix your issue, * was pushed to the Fedora 15 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing httpd-2.2.19-2.fc15' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/httpd-2.2.19-2.fc15 then log in and leave karma (feedback).
Yes, httpd-2.2.19-2.fc15 fixes the problem. :) Cheers!
httpd-2.2.19-2.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report.