httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From (Robert S. Thau)
Subject Re: WWW Form Bug Report: "cgi-bin scripts get run as root despite conf" on Irix
Date Wed, 05 Jun 1996 20:26:15 GMT
  Any chance y'all will reconsider this bit of wierdness, or am I just
  wasting my breath?

Jeez... did anyone say this situation was *desirable*?  I just wanted
to be sure that setting the server's uid to root inetd.conf *was* in
fact the root of the behavior we were seeing.  (I take it you've
verified that it was?)  Unfortunately, very few people in the group
run the server under inetd, so an increasing number of things like
this have been slipping through the cracks; we're starting to think
about dropping it.

To answer your question, I can't speak for the rest of the group, but
I *do* think that if we keep supporting inetd at all, then allowing
people to set things up so that the server runs under inetd, but CGI
scripts don't have write permission on the transfer log, is a decent
reason to have the server switch uid's when running as root, even
under inetd.  (There is also, of course, the minor matter of the
principle of least astonishment).

Arranging for this is *should* be just a matter of adding a few lines
of code to the part of main() that handles inetd mode, something like
so --- NB this was a patch against the development branch of the
server.  Unfortunately, since I don't run it under inetd either, all I
can be sure of is that the patched server compiles cleanly.  However,
if the patch works as *intended* it should cause your setup to work
as you expected in the first place....

*** http_main.c~	Sun May 12 21:00:12 1996
--- http_main.c	Wed Jun  5 16:23:19 1996
*** 1468,1475 ****
  	default_server_hostnames (server_conf);
!         user_id = getuid();
!         group_id = getgid();
  	c = sizeof(sa_client);
  	if ((getpeername(fileno(stdin), &sa_client, &c)) < 0)
--- 1468,1478 ----
  	default_server_hostnames (server_conf);
! 	/* Only try to switch if we're running as root */
! 	if(!geteuid() && setuid(user_id) == -1) {
! 	    log_unixerr("setuid", NULL, "unable to change uid", server_conf);
! 	    exit (1);
! 	}
  	c = sizeof(sa_client);
  	if ((getpeername(fileno(stdin), &sa_client, &c)) < 0)

View raw message