You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by tr...@apache.org on 2010/02/09 23:03:09 UTC

svn commit: r908250 - in /httpd/mod_fcgid/trunk/modules/fcgid: fcgid_pm_unix.c fcgid_proc_unix.c

Author: trawick
Date: Tue Feb  9 22:03:09 2010
New Revision: 908250

URL: http://svn.apache.org/viewvc?rev=908250&view=rev
Log:
check retcodes when setting uid in the child to what
suexec expects; on failure, log and exit

add a little commentary about the use of uid/euid

Modified:
    httpd/mod_fcgid/trunk/modules/fcgid/fcgid_pm_unix.c
    httpd/mod_fcgid/trunk/modules/fcgid/fcgid_proc_unix.c

Modified: httpd/mod_fcgid/trunk/modules/fcgid/fcgid_pm_unix.c
URL: http://svn.apache.org/viewvc/httpd/mod_fcgid/trunk/modules/fcgid/fcgid_pm_unix.c?rev=908250&r1=908249&r2=908250&view=diff
==============================================================================
--- httpd/mod_fcgid/trunk/modules/fcgid/fcgid_pm_unix.c (original)
+++ httpd/mod_fcgid/trunk/modules/fcgid/fcgid_pm_unix.c Tue Feb  9 22:03:09 2010
@@ -273,7 +273,15 @@
             exit(DAEMON_STARTUP_ERROR);
         }
 
-        /* if running as root, switch to configured user */
+        /* If running as root, switch to configured user.
+         *
+         * When running children via suexec, only the effective uid is
+         * switched, so that the PM can return to euid 0 to kill child
+         * processes.
+         *
+         * When running children as the configured user, the real uid
+         * is switched.
+         */
         if (ap_unixd_config.suexec_enabled) {
             if (getuid() != 0) {
                 ap_log_error(APLOG_MARK, APLOG_EMERG, 0, main_server,

Modified: httpd/mod_fcgid/trunk/modules/fcgid/fcgid_proc_unix.c
URL: http://svn.apache.org/viewvc/httpd/mod_fcgid/trunk/modules/fcgid/fcgid_proc_unix.c?rev=908250&r1=908249&r2=908250&view=diff
==============================================================================
--- httpd/mod_fcgid/trunk/modules/fcgid/fcgid_proc_unix.c (original)
+++ httpd/mod_fcgid/trunk/modules/fcgid/fcgid_proc_unix.c Tue Feb  9 22:03:09 2010
@@ -161,10 +161,29 @@
     return APR_SUCCESS;
 }
 
+static void log_setid_failure(const char *id_type,
+                              uid_t user_id)
+{
+    char errno_desc[120];
+    char errmsg[240];
+
+    apr_strerror(errno, errno_desc, sizeof errno_desc);
+    apr_snprintf(errmsg, sizeof errmsg,
+                 "(%d)%s: mod_fcgid child unable to set %s to %ld\n",
+                 errno, errno_desc, id_type, (long)user_id);
+    write(STDERR_FILENO, errmsg, strlen(errmsg));
+}
+
 static apr_status_t exec_setuid_cleanup(void *dummy)
 {
-    seteuid(0);
-    setuid(ap_unixd_config.user_id);
+    if (seteuid(0) == -1) {
+        log_setid_failure("effective uid", 0);
+        _exit(1);
+    }
+    if (setuid(ap_unixd_config.user_id) == -1) {
+        log_setid_failure("uid", ap_unixd_config.user_id);
+        _exit(1);
+    }
     return APR_SUCCESS;
 }
 
@@ -225,7 +244,10 @@
         return errno;
     }
 
-    /* Unlink it when process exit */
+    /* Register cleanups to
+     * 1. Unlink the socket when the process exits
+     * 2. (suexec mode only, in the child cleanup) Switch to the configured uid
+     */
     if (ap_unixd_config.suexec_enabled) {
         apr_pool_cleanup_register(procnode->proc_pool,
                                   procnode, socket_file_cleanup,