You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Randy Terbush <ra...@zyzzyva.com> on 1997/07/27 20:50:04 UTC
Re: mod_cgi/918: if not using suexec, apache forces user to use server gid/uid settings
> No. The server looks at the permissions on the script that suexec will
> execute, not the permissions on suexec. Since when suexec eventually gets
> around to running the script, it will probably be as a different UID,
> checking based on the view of the user who runs suexec doesn't make sense.
>
> The code could be expanded to know what user will be passed to suexec, but
> it hasn't been.
Correct. This had been brought up during 1.2 beta and I _thought_
was fixed.
Index: util.c
===================================================================
RCS file: /export/home/cvs/apache/src/util.c,v
retrieving revision 1.64
diff -u -3 -r1.64 util.c
--- util.c 1997/07/21 05:53:52 1.64
+++ util.c 1997/07/27 18:47:54
@@ -993,7 +993,7 @@
return (x ? 1 : 0); /* If the first character is ':', it's broken, too */
}
-API_EXPORT(int) can_exec(const struct stat *finfo) {
+API_EXPORT(int) can_exec(const request_rec *r) {
#ifdef MULTIPLE_GROUPS
int cnt;
#endif
@@ -1001,20 +1001,20 @@
/* OS/2 dosen't have Users and Groups */
return 1;
#else
- if(user_id == finfo->st_uid)
- if(finfo->st_mode & S_IXUSR)
+ if(r->server->server_uid == r->finfo.st_uid)
+ if(r->finfo.st_mode & S_IXUSR)
return 1;
- if(group_id == finfo->st_gid)
- if(finfo->st_mode & S_IXGRP)
+ if(r->server->server_gid == r->finfo.st_gid)
+ if(r->finfo.st_mode & S_IXGRP)
return 1;
#ifdef MULTIPLE_GROUPS
for(cnt=0; cnt < NGROUPS_MAX; cnt++) {
- if(group_id_list[cnt] == finfo->st_gid)
- if(finfo->st_mode & S_IXGRP)
+ if(group_id_list[cnt] == r->finfo.st_gid)
+ if(r->finfo.st_mode & S_IXGRP)
return 1;
}
#endif
- return (finfo->st_mode & S_IXOTH);
+ return (r->finfo.st_mode & S_IXOTH);
#endif
}
Index: mod_cgi.c
===================================================================
RCS file: /export/home/cvs/apache/src/mod_cgi.c,v
retrieving revision 1.50
diff -u -3 -r1.50 mod_cgi.c
--- mod_cgi.c 1997/07/24 04:23:59 1.50
+++ mod_cgi.c 1997/07/27 18:48:13
@@ -394,7 +394,7 @@
"script not found or unable to stat");
#endif
if (!suexec_enabled) {
- if (!can_exec(&r->finfo))
+ if (!can_exec(r))
return log_scripterror(r, conf, FORBIDDEN,
"file permissions deny server execution");
}
Index: httpd.h
===================================================================
RCS file: /export/home/cvs/apache/src/httpd.h,v
retrieving revision 1.132
diff -u -3 -r1.132 httpd.h
--- httpd.h 1997/07/23 00:09:02 1.132
+++ httpd.h 1997/07/27 18:48:37
@@ -751,7 +751,7 @@
API_EXPORT(uid_t) uname2id(const char *name);
API_EXPORT(gid_t) gname2id(const char *name);
API_EXPORT(int) is_directory(const char *name);
-API_EXPORT(int) can_exec(const struct stat *);
+API_EXPORT(int) can_exec(const request_rec *r);
API_EXPORT(void) chdir_file(const char *file);
char *get_local_host(pool *);
>
> On Sat, 26 Jul 1997, Dean Gaudet wrote:
>
> > On Sat, 26 Jul 1997, Marc Slemko wrote:
> > > No. can_exec just doesn't know about magic user ID changes like those
> > > that happen using suexec or some other wrapper. It checks to see if it
> > > can be execed given the user ID the server is running as now.
> >
> > Um yes, well, what other uid is the server going to attempt to execute it
> > as?
> >
> > Am I totally confused? I thought these things were setuid root (in the
> > case of suexec), or setuid user (in the case of cgiwrap). In either case
> > the webserver needs permission to execute the file. That's either group
> > or other x that needs to be set.
> >
> > Dean
> >
> >
Re: mod_cgi/918: if not using suexec, apache forces user to use server gid/uid settings
Posted by Dean Gaudet <dg...@arctic.org>.
On Sun, 27 Jul 1997, Randy Terbush wrote:
> Index: mod_cgi.c
> ===================================================================
> RCS file: /export/home/cvs/apache/src/mod_cgi.c,v
> retrieving revision 1.50
> diff -u -3 -r1.50 mod_cgi.c
> --- mod_cgi.c 1997/07/24 04:23:59 1.50
> +++ mod_cgi.c 1997/07/27 18:48:13
> @@ -394,7 +394,7 @@
> "script not found or unable to stat");
> #endif
> if (!suexec_enabled) {
> - if (!can_exec(&r->finfo))
> + if (!can_exec(r))
> return log_scripterror(r, conf, FORBIDDEN,
> "file permissions deny server execution");
> }
I think you mean:
- if (!suexec_enabled) {
- if (!can_exec(&r->finfo))
- return log_scripterror(r, conf, FORBIDDEN,
- "file permissions deny server execution");
- }
+ if (!can_exec(&r->finfo))
+ return log_scripterror(r, conf, FORBIDDEN,
+ "file permissions deny server execution");
At any rate the submitter of 918 is checking out what's really wrong.
It became a problem for him going from a late beta of 1.2 to 1.2.1.
Dean
Re: mod_cgi/918: if not using suexec, apache forces user to use server gid/uid settings
Posted by Marc Slemko <ma...@worldgate.com>.
On Sun, 27 Jul 1997, Randy Terbush wrote:
> > No. The server looks at the permissions on the script that suexec will
> > execute, not the permissions on suexec. Since when suexec eventually gets
> > around to running the script, it will probably be as a different UID,
> > checking based on the view of the user who runs suexec doesn't make sense.
> >
> > The code could be expanded to know what user will be passed to suexec, but
> > it hasn't been.
>
> Correct. This had been brought up during 1.2 beta and I _thought_
> was fixed.
What about userdir requests? Your patch deals not with them?