Return-Path: <anonymous@nagoya.betaversion.org>
Mailing-List: contact bugs-help@httpd.apache.org; run by ezmlm
Delivered-To: mailing list bugs@httpd.apache.org
Received: (qmail 95738 invoked from network); 7 Apr 2002 10:57:03 -0000
Received: from unknown (HELO nagoya.betaversion.org) (192.18.49.131)
  by daedalus.apache.org with SMTP; 7 Apr 2002 10:57:03 -0000
Received: (qmail 18677 invoked by uid 50); 7 Apr 2002 10:57:02 -0000
Date: 7 Apr 2002 10:57:02 -0000
Message-ID: <20020407105702.18676.qmail@nagoya.betaversion.org>
From: bugzilla@apache.org
To: bugs@httpd.apache.org
Cc: 
Subject: DO NOT REPLY [Bug 7810] New:  -
    suexec + userdir non-functional in httpd 2.0.35 (possibly related to bug
 7791)
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7810>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7810

suexec + userdir non-functional in httpd 2.0.35 (possibly related to bug 7791)

           Summary: suexec + userdir non-functional in httpd 2.0.35
                    (possibly related to bug 7791)
           Product: Apache httpd-2.0
           Version: 2.0.35
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Critical
          Priority: Other
         Component: Modules
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: colmmacc@redbrick.dcu.ie


Possibly Related to Bug 7791. mod_cgid behaviour is a major
security issue and should at least be documented.

using prefork mpm + mod_cgi :
suexec is called with arguments "uid gid binary .." and NOT "~uid gid binary .."
which results in a not in docroot error. Hacky shell script to add ~ to the call
and recall a real suexec binary results in correct operation.

Confirmed on FreeBSD 4.5 and Solaris 8 (sparc)

using worker mpm + mod_cgid :

suexec DOES NOT EVEN GET CALLED. userdir cgi run with the uid/gid of the 
webserver. 

Confirmed on FreeBSD 4.5 and Solaris 8 (sparc)

configure cmdlines:

./configure --prefix=/local/apache-test \
--enable-cgi \
--enable-suexec --with-suexec-caller=www \
--with-suexec-docroot=/local/web/htdocs \
--with-suexec-bin=/local/apache-test/bin/suexec \
--with-suexec-logfile=/local/apache-test/logs/suexec_log \
--with-suexec-userdir=public_html \
--with-suexec-uidmin=100 --with-suexec-gidmin=100 --with-suexec-umask=077


./configure --prefix=/local/apache-test \
--with-mpm=worker \
--enable-cgid \
--enable-suexec --with-suexec-caller=www \
--with-suexec-docroot=/local/web/htdocs \
--with-suexec-bin=/local/apache-test/bin/suexec \
--with-suexec-logfile=/local/apache-test/logs/suexec_log \
--with-suexec-userdir=public_html \
--with-suexec-uidmin=100 --with-suexec-gidmin=100 --with-suexec-umask=077

relevant configuration directives:

UserDir public_html

..

<Directory /home/*/*/public_html>
     Options Indexes ExecCGI Includes SymLinksIfOwnerMatch
     AllowOverride AuthConfig
</Directory>

<Directory /home/*/*/*/public_html>
     Options Indexes ExecCGI Includes SymLinksIfOwnerMatch
     AllowOverride AuthConfig
</Directory>

(we have a lot of users, hence nested /home)