You are viewing a plain text version of this content. The canonical link for it is here.

Posted to apache-bugdb@apache.org by Mark Bentley <be...@cs.umn.edu> on 1997/04/15 19:10:03 UTC

suexec/395: Additional info in ref to #319 (suEXEC / SSI bug)

	The contract type is `' with a response time of 3 business hours.
	A first analysis should be sent before: Tue Apr 15 13:00:00 PDT 1997


>Number:         395
>Category:       suexec
>Synopsis:       Additional info in ref to #319 (suEXEC / SSI bug)
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    apache (Apache HTTP Project)
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Tue Apr 15 10:10:00 1997
>Originator:     bentlema@cs.umn.edu
>Organization:
apache
>Release:        1.2b7
>Environment:
(Not applicable)
>Description:
The <!--#exec cmd="program" --> SSI is broken.  The only way this will work
is if program is in the current working directory (the directory where the 
html file resides with the SSI).   Because lstat in suEXEC requires a
full path to the file your stating, but giving the full path will result in
another error, because a "/" (slash) is not allowed in the command to be
executed.
>How-To-Repeat:

>Fix:

>Audit-Trail:
>Unformatted: