You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by "Michael H. Voase" <mv...@midcoast.com.au> on 1998/12/04 00:51:59 UTC

Now that the shouting is over...

Gday ,

    Id just like to ask a small question on a hack Im doing
on mod_cgi . I know this is probably a bad time to ask
since you guys are flat out getting 2.0 ready but Ill
get to point . I have hacked up mod_cgi and called
it mod_cgisock . Instead of cgi talking to the cgi
process through two pipes , it talks via a unix
domain socket . The reason why I hacked it was
so that I could write a multithreaded cgi server that
could service serveral sockets at once and was reasonbly
fast . The bottom line is that to make me module work I had
to hack  http_request.c ( 1.3.1 ) to (after line 102 )

/*
 * We don't want people able to serve up pipes, or unix sockets, or
other
 * scary things.  Note that symlink tests are performed later.
 */
static int check_safe_file(request_rec *r)
{
    if (r->finfo.st_mode == 0         /* doesn't exist */
        || S_ISDIR(r->finfo.st_mode)
        || S_ISREG(r->finfo.st_mode)
        || S_ISSOCK(r->finfo.st_mode)     <-- Hacked Line
        || S_ISLNK(r->finfo.st_mode)) {
        return OK;
    }

The reason I have done this is that the socket is located
by the URL . mod_cgisock the connects to the socket
and transfers the environment variables then interacts
with the socket in the same manner as cgi interacts
with a script ( the code is much the same with a socket
substituted ) .

    I just want to know  if is this a Bad Idea , has anyone done
this before and fell on their face . ( Before anyone says that
I have re-invented that wheel , fastcgi uses that URL to
locate that script or defined config . Thus doesnt require
this particular patch becuase the socket in fastcgi is
encapsulated by the module whereas this method just
seeks to be an interface for a cgi process . I have been
in discussions with Jonathon Roy and RobS over this ...) .
I am asking since the warning in the above code segment
seems to be fairly stern about the serving up of sockets .

Anyway I just want to canvas your opinions as exerienced
web masters so that I can determine if I should continue
with this project ...

( Note : In the module documentation there are many
warnings about this patch and its potential for
disaster . I dont want anybody getting burnt by it
while it is at this VERY alpha stage of developement )

Thanx for your time.

Cheers Mik Voase

P.S. Sorry ,but I dont quite think its cross platform
compatible with windoze . But it seems to be thread
safe by its design ;)

--
----------------------------------------------------------------------------
 /~\     /~\            CASTLE INDUSTRIES PTY. LTD.
 | |_____| |            Incorporated 1969. in N.S.W., Australia
 |         |            Phone +612 6562 1345 Fax +612 6567 1449
 |   /~\   |            Web http://www.midcoast.com.au/~mvoase
 |   [ ]   |            Michael H. Voase.  Director.
~~~~~~~~~~~~~~          Cause Linux Flies and Windoze Dies ... 'nuf said.
----------------------------------------------------------------------------

Re: Now that the shouting is over...

Posted by Dean Gaudet <dg...@arctic.org>.


On Thu, 3 Dec 1998, Michael H. Voase wrote:

> /*
>  * We don't want people able to serve up pipes, or unix sockets, or
> other
>  * scary things.  Note that symlink tests are performed later.
>  */
> static int check_safe_file(request_rec *r)
> {
>     if (r->finfo.st_mode == 0         /* doesn't exist */
>         || S_ISDIR(r->finfo.st_mode)
>         || S_ISREG(r->finfo.st_mode)
>         || S_ISSOCK(r->finfo.st_mode)     <-- Hacked Line
>         || S_ISLNK(r->finfo.st_mode)) {
>         return OK;
>     }
> 
> The reason I have done this is that the socket is located
> by the URL . mod_cgisock the connects to the socket
> and transfers the environment variables then interacts
> with the socket in the same manner as cgi interacts
> with a script ( the code is much the same with a socket
> substituted ) .

Yeah, this is a bad idea on servers where you may not want users running
CGIs... or doing other silly things with sockets (such as locking up
httpds).  We couldn't really accept it into the standard distribution. 

You could use some other mapping from url to cgi socket name... 

Dean