Posted to bugs@httpd.apache.org by bu...@apache.org on 2002/07/12 17:31:54 UTC

DO NOT REPLY [Bug 10744] New: - suexec might fail to open log file

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=10744

           Summary: suexec might fail to open log file
           Product: Apache httpd-2.0
           Version: 2.0.36
          Platform: PC
        OS/Version: FreeBSD
            Status: NEW
          Severity: Minor
          Priority: Other
         Component: mod_suexec
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: abatko@cs.mcgill.ca


I have been able to get the following error messages
in httpd-error.log by modifying suexec.c just to see
what would happen if execv() returned.

[error] Premature end of script headers: hello.pl
[error] failed to open log file
[error] fopen: Permission denied

There is a comment near the end of suexec.c's main()
function which says that the log file will be closed
so that CGI can't tamper with it.  It also states that
"If the exec fails, it will be reopened automatically
when log_err is called."  So this is what I wanted to
test.  I did the test by simply preceding execv() with
the "kaboom" log_err() statement that *would* be called
if execv() returned.  Here's a diff of what I mean:


--- suexec.c.orig       Fri Jul 12 10:42:48 2002
+++ suexec.c    Fri Jul 12 11:13:30 2002
@@ -620,6 +620,7 @@
         ap_execve(cmd, &argv[3], environ);
     }
 #else /*NEED_HASHBANG_EMUL*/
+    log_err("(%d)%s: exec failed (%s)\n", errno, strerror(errno), cmd);
     execv(cmd, &argv[3]);
 #endif /*NEED_HASHBANG_EMUL*/
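
Review bot: In the #else /*NEED_HASHBANG_EMUL*/ branch the added log_err() sits before execv(cmd, &argv[3]), so errno and strerror(errno) are read before any exec has been attempted and will report whatever an earlier call left behind rather than an exec failure. For a test of the log reopen path, log a fixed string at this point instead of errno, or keep the call after execv() so it only runs when execv() actually returns. The ap_execve() branch above is not exercised by this change.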


I may be totally wrong by performing the test like
this but as far as I see, if execv() ever returns,
the "kaboom" line will not execute as expected because
fopen will bomb.

Please let me know if I am wrong about any of this.
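
An added example, not part of the original report and not the httpd project's code: one way to get the property the suexec.c comment describes (the CGI cannot touch the log, yet an exec failure is still logged) is to keep the log descriptor open with close-on-exec set instead of reopening it by path. The function names, the log path and the command are assumptions made for the demo.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Opened while still privileged; close-on-exec keeps it away from the CGI. */
int open_log_cloexec(const char *path)
{
    int fd = open(path, O_WRONLY | O_APPEND | O_CREAT, 0600);
    if (fd >= 0 && fcntl(fd, F_SETFD, FD_CLOEXEC) == -1) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Returns only if execv() failed. The error goes to the descriptor that is
 * still open, so nothing is reopened by path. Returns bytes logged or -1. */
int exec_or_log(int log_fd, const char *cmd, char *const argv[])
{
    char msg[512];
    int saved, len;
    execv(cmd, argv);
    saved = errno;                 /* save before another call overwrites it */
    len = snprintf(msg, sizeof msg, "(%d)%s: exec failed (%s)\n",
                   saved, strerror(saved), cmd);
    if (len < 0)
        return -1;
    if ((size_t)len >= sizeof msg)
        len = (int)sizeof msg - 1;
    return (int)write(log_fd, msg, (size_t)len);
}

/* Constructed demo: chmod(0) stands in for "can no longer open by path". */
int demo(const char *log_path)
{
    char *const argv[] = { "constructed-cgi", NULL };
    int fd, n;
    unlink(log_path);              /* start from a fresh file */
    if ((fd = open_log_cloexec(log_path)) < 0)
        return -1;
    chmod(log_path, 0);
    n = exec_or_log(fd, "/nonexistent/constructed-cgi", argv);
    close(fd);
    return n;
}

int main(void) { return demo("/tmp/suexec_cloexec_demo.log") > 0 ? 0 : 1; }
```

Permission checks happen at open(), so the write after the failed execv() succeeds even though the file mode no longer allows opening it.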
