You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Jim Radford <ra...@robotics.caltech.edu> on 2007/04/30 15:02:44 UTC

[PATCH] suexec_enabled set incorrectly when httpd is run by a non-root user

When running an apache that was configured with suexec support as a
random non-root user the variable suexec_enabled is set incorrectly.
The test for availability should really also check access(R_OK|X_OK)
as well as for root ownership and the set uid bit.

This patch fixes the problem and allows me to run the standard Fedora
install of apache as myself and to use mod_fcgid which relies on the
correct setting of suexec_enabled.

-Jim

  http://issues.apache.org/bugzilla/show_bug.cgi?id=42175

--- httpd-2.2.4/os/unix/unixd.c~        2006-07-11 20:38:44.000000000 -0700
+++ httpd-2.2.4/os/unix/unixd.c 2007-04-19 21:33:43.000000000 -0700
@@ -215,7 +215,7 @@
     }

     if ((wrapper.protection & APR_USETID) && wrapper.user == 0) {
-        unixd_config.suexec_enabled = 1;
+        unixd_config.suexec_enabled = access(SUEXEC_BIN, R_OK|X_OK) == 0;
     }
 }