This module gives the administrator the choice of running scripts inside and outside vhosts under their own UID and GID.

You have three ways to do that :

• Based on a fixed user / group

• Based on file ownership

• Based on parent directory ownership

Some nessecary warnings :

• Apache needs to be compiled with -DBIG_SECURITY_HOLE if you're not running Linux.

• Use of this module COULD lead to a compromised webserver.

Code inside apache (that also beeing PHP scripts, and perl / python scripts when using mod_perl or mod_python) that can execute set*uid() calls can het root privileges if you're not using the linux lsm_rsuid kernel module.

It is strongly advised that you disable all access to set*uid() and get*uid() calls from within those interpreters, even if you run with the lsm_rsuid kernel module.

The code needs to be audited, potential flaws could still be present