httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew Wilson <and...@tees.elsevier.co.uk>
Subject Re: Apache secure CGI bin patch (fwd)
Date Thu, 14 Sep 1995 15:49:19 GMT
Felix Leitner: (that name rings a bell)
> >> +Please note that my code is ugly.  It does not do error checking.
> >> +If seteuid fails, you'll not get the error you'll expected, but you'll
> >> +get an error that some files could not be read.

Wheee, yes.  Ideal candidate for immediate release, er...  Please, can we make
error checking mandatory in all patches.  Such that if you make a system
call that can potentially fail - you should run even the simplest check of
return values.  Failure to check should make for -1 I think.

> >> +To make the decision to integrate my patches easier, the changes are
> >> +only effective if you #define SETUID.
> >> +
> >> +If you do not understand what the heck I am talking about, I suggest
> >> +that you do not run a web server until you have consulted a security
> >> +specialist.
> >> +
> >> +Since I am but a humble admin and C/C++/Perl hacker, I can't guarantee
> >> +that this code works, does anything at all, and does not open new holes.
> >> +I advise you to think before enabling SETUID blindly.

I suggest that you do not run a web server until you have consulted a security
specialist. ;)

> >> +#ifdef SETUID
> >> +    seteuid(0);		/* First become root again so we can */
> >> +    seteuid(destuid);	/* seteuid again */
> >> +#endif
> >>      f =3D fopen (r->filename, "r");
> >> +#ifdef SETUID
> >> +    seteuid(0);		/* First become root again so we can */
> >> +    seteuid(user_id);	/* seteuid again */
> >> +#endif

Wheee, again.

Seriously, it's a nice idea but the patch is sucking and would immediately
require a refit if it ever got into the source.  It's also one of those fabled
functional enhancements we hear about but are avoiding till 1.0 gets out.

I'm gunna play about with it anyhow.  Just for kicks.

Ay (licenced to whine).

Mime
View raw message