httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 33903] New: - Wrong error logged when running Apache under an account other than SYSTEM
Date Tue, 08 Mar 2005 15:03:03 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=33903>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=33903

           Summary: Wrong error logged when running Apache under an account
                    other than SYSTEM
           Product: Apache httpd-2.0
           Version: 2.0.53
          Platform: PC
        OS/Version: Windows Server 2003
            Status: NEW
          Severity: minor
          Priority: P2
         Component: Core
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: gorilla@europe.com


Scenario:
Apache runs under a user account instead of the SYSTEM account.

Apache is installed at c:\web\apache2\
Web roots are located at d:\sites\domainname\www

The Apache account has all the necessary permissions for both directories, 
their files and subdirs.

Problem:
Apache unnecessarily requires read access to all the parent paths in order to 
start up. For instance: it will attempt to open c:\, then c:\web\, then 
c:\web\apache2, then d:\, then d:\sites, then d:\sites\domainname and finally 
d:\sites\domainname\www.

Since it only has read access to the two paths mentioned earlier, any attempt 
to open for example c:\ will fail. However, traversal rights are granted by 
the default setting in the local security policy so the proper thing to do 
would be for Apache to just open the supplied path directly instead of 
crawling the directory tree.

In this scenario a failed attempt to get read access to d:\ will result in 
a "Directory d:\sites\domainname\www does not exist" error in the event log, 
which is clearly wrong.
If Apache does for some reason need to open each directory for read, the error 
message should reflect a failed attempt and indicate a potential permission 
problem instead of concluding that the target directory does not exist.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message