You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Rob Hartill <ro...@imdb.com> on 1996/10/21 19:51:28 UTC
WWW Form Bug Report: "sym link given as arg to cgi script sometimes causes server core dump" on Solaris 2.x (fwd)
If a script's PATH_INFO is a symlink with the wrong permissions
(w.r.t SymLinksIfOwnerMatch) Apache will dump core.
acked.
----- Forwarded message from ariel@columbia.edu -----
From: ariel@columbia.edu
To: apache-bugs%apache.org@organic.com
Date: Mon Oct 21 10:19:37 1996
Subject: WWW Form Bug Report: "sym link given as arg to cgi script sometimes causes server core dump" on Solaris 2.x
Submitter: ariel@columbia.edu
Operating system: Solaris 2.x, version:
Version of Apache Used: 1.1.1
Extra Modules used: n/a
URL exhibiting problem:
Symptoms:
--
I have 'SymLinksIfOwnerMatch' set for the
document root. With this set, if I call a
cgi script, any script, with pathinfo as
a directory that is a symlink that would be
denied, I see in the error log
[Mon Oct 21 13:03:08 1996:8228] httpd: caught SIGSEGV, dumping core
[Mon Oct 21 13:03:08 1996] access to /usr/local/lib/www-test/cgi-bin/test-cgi failed for stealth.cc.columbia.edu, reason: Premature end of script headers
(I called a cgi script that prints out its args and
the various environment variables, called
'test-cgi'; the actual url was http://.../test-cgi/acis
where acis was the name of a directory that was a sym link
with wrong owner.
Yes, I realize that this can be avoided by changing
the ownership of the link, but it may be that the cgi script
wants to access the directory irregardless of
the sym link issue, (in fact, that was the case
here), in which case the core dump is an obstacle.
Thanks,
Ariel Glenn
AcIS R&D
Columbia University
I took down the problem url but can put it back up upon
request.
--
Backtrace:
--
--
----- End of forwarded message from ariel@columbia.edu -----