You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Dean Gaudet <dg...@arctic.org> on 1997/09/16 06:21:54 UTC
Re: mod_cgi/918: if not using suexec, apache forces user to use server gid/uid settings
An old one from July. There was a little discussion surrounding it,
mostly clearing up my confusion.
+1
Dean
On Sun, 27 Jul 1997, Randy Terbush wrote:
> > On Sun, 27 Jul 1997, Randy Terbush wrote:
> >
> > > > No. The server looks at the permissions on the script that suexec will
> > > > execute, not the permissions on suexec. Since when suexec eventually gets
> > > > around to running the script, it will probably be as a different UID,
> > > > checking based on the view of the user who runs suexec doesn't make sense.
> > > >
> > > > The code could be expanded to know what user will be passed to suexec, but
> > > > it hasn't been.
> > >
> > > Correct. This had been brought up during 1.2 beta and I _thought_
> > > was fixed.
> >
> > What about userdir requests? Your patch deals not with them?
>
> Picky picky... :-)
>
> Ok, untested and missing prototype for log_scripterror(). (my
> http_log.h is currently non-standard and I am lazy)
>
>
> Index: util.c
> ===================================================================
> RCS file: /export/home/cvs/apache/src/util.c,v
> retrieving revision 1.64
> diff -u -3 -r1.64 util.c
> --- util.c 1997/07/21 05:53:52 1.64
> +++ util.c 1997/07/27 19:33:36
> @@ -993,7 +993,7 @@
> return (x ? 1 : 0); /* If the first character is ':', it's broken, too */
> }
>
> -API_EXPORT(int) can_exec(const struct stat *finfo) {
> +API_EXPORT(int) can_exec(const struct stat *finfo, uid_t uid, gid_t gid) {
> #ifdef MULTIPLE_GROUPS
> int cnt;
> #endif
> @@ -1001,10 +1001,10 @@
> /* OS/2 dosen't have Users and Groups */
> return 1;
> #else
> - if(user_id == finfo->st_uid)
> + if(uid == finfo->st_uid)
> if(finfo->st_mode & S_IXUSR)
> return 1;
> - if(group_id == finfo->st_gid)
> + if(gid == finfo->st_gid)
> if(finfo->st_mode & S_IXGRP)
> return 1;
> #ifdef MULTIPLE_GROUPS
> Index: mod_cgi.c
> ===================================================================
> RCS file: /export/home/cvs/apache/src/mod_cgi.c,v
> retrieving revision 1.50
> diff -u -3 -r1.50 mod_cgi.c
> --- mod_cgi.c 1997/07/24 04:23:59 1.50
> +++ mod_cgi.c 1997/07/27 19:33:56
> @@ -393,11 +393,6 @@
> return log_scripterror(r, conf, NOT_FOUND,
> "script not found or unable to stat");
> #endif
> - if (!suexec_enabled) {
> - if (!can_exec(&r->finfo))
> - return log_scripterror(r, conf, FORBIDDEN,
> - "file permissions deny server execution");
> - }
>
> if ((retval = setup_client_block(r, REQUEST_CHUNKED_ERROR)))
> return retval;
> Index: httpd.h
> ===================================================================
> RCS file: /export/home/cvs/apache/src/httpd.h,v
> retrieving revision 1.132
> diff -u -3 -r1.132 httpd.h
> --- httpd.h 1997/07/23 00:09:02 1.132
> +++ httpd.h 1997/07/27 19:34:21
> @@ -751,7 +751,7 @@
> API_EXPORT(uid_t) uname2id(const char *name);
> API_EXPORT(gid_t) gname2id(const char *name);
> API_EXPORT(int) is_directory(const char *name);
> -API_EXPORT(int) can_exec(const struct stat *);
> +API_EXPORT(int) can_exec(const struct stat *finfo, uid_t uid, gid_t gid);
> API_EXPORT(void) chdir_file(const char *file);
>
> char *get_local_host(pool *);
> Index: util_script.c
> ===================================================================
> RCS file: /export/home/cvs/apache/src/util_script.c,v
> retrieving revision 1.67
> diff -u -3 -r1.67 util_script.c
> --- util_script.c 1997/07/24 04:24:00 1.67
> +++ util_script.c 1997/07/27 19:34:41
> @@ -739,6 +739,9 @@
> grpname = gr->gr_name;
> }
>
> + if (!can_exec(&r->finfo, pw->pw_uid, gr->gr_gid))
> + return log_scripterror(r, conf, FORBIDDEN,
> + "file permissions deny server execution");
> if (shellcmd)
> execle(SUEXEC_BIN, SUEXEC_BIN, execuser, grpname, argv0, NULL, env);
>
> @@ -753,6 +756,9 @@
> }
> }
> else {
> + if (!can_exec(&r->finfo, user_id, group_id))
> + return log_scripterror(r, conf, FORBIDDEN,
> + "file permissions deny server execution");
> if (shellcmd)
> execle(SHELL_PATH, SHELL_PATH, "-c", argv0, NULL, env);
>
>
>
>