You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apache-bugdb@apache.org by Lane Rettig <la...@rettig.com> on 1999/08/18 21:57:28 UTC

suexec/4876: suexec permission denied to logfile write after exec error

>Number:         4876
>Category:       suexec
>Synopsis:       suexec permission denied to logfile write after exec error
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Wed Aug 18 14:10:00 PDT 1999
>Last-Modified:
>Originator:     lane@rettig.com
>Organization:
apache
>Release:        1.3.6
>Environment:
Linux 2.0.36 #4 i686 unknown
RedHat 5.2
>Description:
If suexec, while executing a CGI script, fails (after suexec has setuid'ed), it has already setuid'ed to another system user, so that it no longer has permission to log errors to its log (LOG_EXEC).  The only way to currently get around this is to chmod said error log 666 or better, thereby providing *EVERY* system user write access to the file (not necessarily a security exploit in its own nature, but a major inconvenience at the least).

It'd be much smarter if suexec could setuid once more, back to its original execution uid, if it encounters an error running its assigned program.  I'm not a very experienced C programmer, so I can't provide code to do this (nor am I sure it's entirely possible), but it's something which should be worked around nonetheless (and I have yet to find a workaround myself).

Is it necessary for suexec to setuid to the UID of the program it's supposed to execute?  Could suexec be modified to simply execute said program as the specified UID/GID?

Any help would be greatly appreciated; thanks for your time!
>How-To-Repeat:
N/A
>Fix:
It'd be much smarter if suexec could setuid once more, back to its original execution uid, if it encounters an error running its assigned program.  I'm not a very experienced C programmer, so I can't provide code to do this (nor am I sure it's entirely possible), but it's something which should be worked around nonetheless (and I have yet to find a workaround myself).

Is it necessary for suexec to setuid to the UID of the program it's supposed to execute?  Could suexec be modified to simply execute said program as the specified UID/GID?
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, you need]
[to include <ap...@Apache.Org> in the Cc line and make sure the]
[subject line starts with the report component and number, with ]
[or without any 'Re:' prefixes (such as "general/1098:" or      ]
["Re: general/1098:").  If the subject doesn't match this       ]
[pattern, your message will be misfiled and ignored.  The       ]
["apbugs" address is not added to the Cc line of messages from  ]
[the database automatically because of the potential for mail   ]
[loops.  If you do not include this Cc, your reply may be ig-   ]
[nored unless you are responding to an explicit request from a  ]
[developer.  Reply only with text; DO NOT SEND ATTACHMENTS!     ]