You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apache-bugdb@apache.org by Stefan Hudson <hu...@mbay.net> on 1997/04/09 22:30:01 UTC
suexec/341: Server not running as user specified in User directive in
>Number: 341
>Category: suexec
>Synopsis: Server not running as user specified in User directive in <VirtualHost>
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: apache (Apache HTTP Project)
>State: open
>Class: sw-bug
>Submitter-Id: apache
>Arrival-Date: Wed Apr 9 13:30:01 1997
>Originator: hudson@mbay.net
>Organization:
apache
>Release: 1.2b8
>Environment:
Linux lobos 2.0.29 #2 Sat Mar 15 22:10:23 PST 1997 i586
gcc version 2.7.2
>Description:
According to the docs, "The User directive sets the userid as which the
server will answer requests." I have a virtual server with the following
configuration:
<VirtualHost 206.40.79.20>
ServerName www.ender.org
User hudson
ServerAdmin webmaster@ender.org
DocumentRoot /www/docs/www.ender.org
ScriptAlias /cgi-bin/ /www/cgi-bin/hudson/
TransferLog logs/www.ender.org
</VirtualHost>
The server still uses the www:www user:gid for reading the files in
DocumentRoot; that is, if I have a file owned by me (hudson) with
permissions 0600, access to the file returns a 403. Access to a file
owned by user "www" with the same permissions will work. Execution of
CGI scripts using suexec does execute with the correct user (hudson).
>How-To-Repeat:
http://www.ender.org/ has two files on it, both with permissions 0600.
"hudson" is owned by me, and "www" is owned by user www, the user the
server normally runs at.
http://www.ender.org/cgi-bin/printinfo will show the UID/GID it executes
as on the bottom. I am UID 1000, user "www" is UID 500. This seems to
be correct.
>Fix:
Does the "User" directive in a <VirtualHost> only affect execution
of CGI scripts? If so, the documentation should be changed to reflect
this.
%0
>Audit-Trail:
>Unformatted: