Running cgi scripts with apache suexec, the suexec clean down variables , what not defined in apache's support/suexec.c file. This is according with apache docs: http://httpd.apache.org/docs/2.2/env.html , paragraph "Some Caveats". But there is problem with non-ASCII file names upload with some python aplications (for example Django), running with suexec and mod_fcgid. There are required LANG and LC_ALL variables passed to CGI scripts, more infotions are there: http://stackoverflow.com/questions/6171278/unicode-in-django-admin , and https://code.djangoproject.com/wiki/django_apache_and_mod_wsgi#Additional%20Tweaking . As it looks, then the only possible solution is add variable names to apache's support/suexec.c file. I propose add small patch with LANG and LC_ALL environments to gentoo apache patchset: --- support/suexec.c.old 2011-11-19 19:48:45.994452000 +0200 +++ support/suexec.c 2011-11-19 19:49:39.351042000 +0200 @@ -98,6 +98,8 @@ "SSL_", /* variable name is */ + "LANG=", + "LC_ALL=", "AUTH_TYPE=", "CONTENT_LENGTH=", "CONTENT_TYPE=", I think they are safe and will not cause any harm to anyone, but the abandonment of the suexec in which case could lower the level of security. Reproducible: Always
Could you report your suggestion to upstream? https://issues.apache.org/bugzilla/
Is this still valid with apache-2.4?
