You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Randy Terbush <ra...@covalent.net> on 1997/10/13 15:20:08 UTC
SUEXEC patches
------- Forwarded Message
Date: Mon, 13 Oct 1997 11:41:05 +0200 (MET DST)
From: Sebastian Andersson <sa...@hogia.net>
To: apache@apache.org
Subject: Patch to suexec so it chrootes.
Message-ID: <Pi...@enterprise.hogia.net>
MIME-Version: 1.0
Content-Type: MULTIPART/MIXED; BOUNDARY="1690501952-1328337836-876735665=:28477"
This message is in MIME format. The first part should be readable text,
while the remaining parts are likely unreadable without MIME-aware tools.
Send mail to mime@docserver.cac.washington.edu for more info.
- --1690501952-1328337836-876735665=:28477
Content-Type: TEXT/PLAIN; charset=US-ASCII
I've made a patch to suexec that chrootes the users to their homedirs
and changes a couple of environment variables before it execs the cgi
program. This is quite useful for ISPs if applied to all the users accesses
to the machines. It also lets suexec start nonsetuid root owned programs
if they are in a root owned directory.
I've only tested it with virtualhosts, not with ~users.
Do whatever you want with it.
Regards,
Sebastian Andersson
- --1690501952-1328337836-876735665=:28477
Content-Type: TEXT/PLAIN; charset=US-ASCII; name="chroot-suexec.c.patch"
Content-Transfer-Encoding: BASE64
Content-ID: <Pi...@enterprise.hogia.net>
Content-Description: chroot-suexec.c.patch
LS0tIHN1ZXhlYy5jLm9yaWcJVHVlIE9jdCAgNyAxNzozMTo0MCAxOTk3DQor
Kysgc3VleGVjLmMJVHVlIE9jdCAgNyAxNzozOTo1MiAxOTk3DQpAQCAtMTM1
LDYgKzEzNSwzMSBAQA0KICAgICBOVUxMDQogfTsNCiANCitzdGF0aWMgdm9p
ZA0KK2N1dF9wYXRoKGludCB1aWQsIGNoYXIgKipob21lKQ0KK3sNCisgICAg
c3RydWN0IHBhc3N3ZCAqcHcgPSBnZXRwd3VpZCh1aWQpOw0KKyAgICBpZigh
cHcpIGV4aXQoMTMzKTsNCisgICAgKmhvbWUgPSBzdHJkdXAocHctPnB3X2Rp
cik7DQorfQ0KKw0KK3N0YXRpYyB2b2lkDQorY3V0X2VudihjaGFyICplbnYs
IGNoYXIgKmhvbWUpDQorew0KKyAgICBjaGFyICplbnZzdHIsICpuZXdlbnYs
ICp0bXA7DQorDQorICAgIGVudnN0ciA9IGdldGVudihlbnYpOw0KKyAgICBp
ZighZW52c3RyKSByZXR1cm47DQorICAgIGlmKHN0cm5jbXAoZW52c3RyLCBo
b21lLCBzdHJsZW4oaG9tZSkpKSByZXR1cm47DQorDQorICAgIG5ld2Vudj1z
dHJkdXAoZW52c3RyK3N0cmxlbihob21lKSk7DQorICAgIGlmKCEqbmV3ZW52
KSByZXR1cm47DQorDQorICAgIC8qIGZwcmludGYoc3RkZXJyLCAiJXNcbiIs
IG5ld2Vudik7ICovDQorDQorICAgIGlmKHNldGVudihlbnYsIG5ld2Vudiwg
MSk9PS0xKSBleGl0KDExMSk7DQorICAgIGZyZWUobmV3ZW52KTsNCit9DQog
DQogc3RhdGljIHZvaWQgZXJyX291dHB1dChjb25zdCBjaGFyICpmbXQsIHZh
X2xpc3QgYXApDQogew0KQEAgLTM1OSwxMSArMzg0LDE2IEBADQogICAgICAg
ICBleGl0KDEwOSk7DQogICAgIH0NCiANCisvKiBXZSBuZWVkIHRvIGNocm9v
dCBoZXJlICovDQorDQogICAgIC8qDQogICAgICAqIHNldHVpZCgpIHRvIHRo
ZSB0YXJnZXQgdXNlci4gIEVycm9yIG91dCBvbiBmYWlsLg0KICAgICAgKi8N
Ci0gICAgaWYgKChzZXR1aWQodWlkKSkgIT0gMCkgew0KLQlsb2dfZXJyKCJm
YWlsZWQgdG8gc2V0dWlkICglbGQ6ICVzLyVzKVxuIiwgdWlkLCBjd2QsIGNt
ZCk7DQorDQorICAgIHNldHVpZCgwKTsNCisNCisgICAgaWYgKChzZXRldWlk
KHVpZCkpICE9IDApIHsNCisgICAgICAgIGxvZ19lcnIoImZhaWxlZCB0byBz
ZXRldWlkICglbGQ6ICVzLyVzKVxuIiwgdWlkLCBjd2QsIGNtZCk7DQogCWV4
aXQoMTEwKTsNCiAgICAgfQ0KIA0KQEAgLTQ1NCwxMiArNDg0LDE4IEBADQog
CSh1aWQgIT0gcHJnX2luZm8uc3RfdWlkKSB8fA0KIAkoZ2lkICE9IHByZ19p
bmZvLnN0X2dpZCkpDQogICAgIHsNCisgICAgICAgIGlmKCFkaXJfaW5mby5z
dF91aWQgJiYgIWRpcl9pbmZvLnN0X2dpZCAmJiAhcHJnX2luZm8uc3RfdWlk
ICYmICFwcmdfaW5mby5zdF9naWQpIHsNCisgICAgICAgICAgICAvKiBSb290
cycgcHJvZ3JhbXMgaW4gcm9vdHMnIGRpcnMgbWF5IGJlIHJ1biBhbnl3YXkg
Ki8NCisgICAgICAgICAgICAvKiBTZXR1aWQvc2V0Z2lkICovDQorICAgICAg
ICB9DQorICAgICAgICBlbHNlew0KIAlsb2dfZXJyKCJ0YXJnZXQgdWlkL2dp
ZCAoJWxkLyVsZCkgbWlzbWF0Y2ggd2l0aCBkaXJlY3RvcnkgKCVsZC8lbGQp
IG9yIHByb2dyYW0gKCVsZC8lbGQpXG4iLA0KIAkJIHVpZCwgZ2lkLA0KIAkJ
IGRpcl9pbmZvLnN0X3VpZCwgZGlyX2luZm8uc3RfZ2lkLA0KIAkJIHByZ19p
bmZvLnN0X3VpZCwgcHJnX2luZm8uc3RfZ2lkKTsNCiAJZXhpdCgxMjApOw0K
ICAgICB9DQorICAgIH0NCiANCiAgICAgY2xlYW5fZW52KCk7DQogDQpAQCAt
NDc0LDYgKzUxMCwyOSBAQA0KICAgICAvKg0KICAgICAgKiBFeGVjdXRlIHRo
ZSBjb21tYW5kLCByZXBsYWNpbmcgb3VyIGltYWdlIHdpdGggaXRzIG93bi4N
CiAgICAgICovDQorDQorICAgIC8qIERPQ1VNRU5UX1JPT1QsDQorICAgICAg
IFNDUklQVF9GSUxFTkFNRSAqLw0KKw0KKyAgICB7DQorCWNoYXIgKmhvbWU7
DQorCWN1dF9wYXRoKHVpZCwgJmhvbWUpOw0KKyAgICAgICAgY3V0X2Vudigi
RE9DVU1FTlRfUk9PVCIsIGhvbWUpOw0KKyAgICAgICAgY3V0X2VudigiU0NS
SVBUX0ZJTEVOQU1FIiwgaG9tZSk7DQorICAgICAgICBjdXRfZW52KCJQQVRI
X1RSQU5TTEFURUQiLCBob21lKTsNCisJcHJpbnRmKCJlOiAlaSByOiAlaVxu
IiwgZ2V0ZXVpZCgpLCBnZXR1aWQoKSk7DQorCXNldGV1aWQoMCk7DQorCWlm
KGNocm9vdChob21lKT09LTEpIHsNCisJICAgIGxvZ19lcnIoImNocm9vdCBm
YWlsZWQgKCVzKVxuIiwgaG9tZSk7DQorICAgICAgICAgICAgZXhpdCgxMDAp
Ow0KKwl9DQorICAgIH0NCisNCisgICAgaWYgKChzZXR1aWQodWlkKSkgIT0g
MCkgew0KKwlmcHJpbnRmKHN0ZGVyciwgImZhaWxlZCB0byBzZXR1aWQgKCVs
ZDogJXMvJXMpXG4iLCB1aWQsIGN3ZCwgY21kKTsNCisJZXhpdCgxMTApOw0K
KyAgICB9DQorICAgIA0KICAgICBleGVjdihjbWQsICZhcmd2WzNdKTsNCiAN
CiAgICAgLyoNCkBAIC00ODQsNiArNTQzLDYgQEANCiAgICAgICoNCiAgICAg
ICogT2ggd2VsbCwgbG9nIHRoZSBmYWlsdXJlIGFuZCBlcnJvciBvdXQuDQog
ICAgICAqLw0KLSAgICBsb2dfZXJyKCJleGVjIGZhaWxlZCAoJXMpXG4iLCBj
bWQpOw0KKyAgICBmcHJpbnRmKHN0ZGVyciwgImV4ZWMgZmFpbGVkICglcylc
biIsIGNtZCk7DQogICAgIGV4aXQoMjU1KTsNCiB9DQo=
- --1690501952-1328337836-876735665=:28477--
------- End of Forwarded Message