httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Terbush <ra...@zyzzyva.com>
Subject Votes please
Date Fri, 24 Jan 1997 19:15:40 GMT

This is one that would be nice to get in this beta.

My comments below do not mean that this does not work, it just
doesn't work for the group_list which is not compiled in by
default if I remember correctly. Tough to check that if we are
sending to the wrapper for a different target?

------- Forwarded Message

Someone reported this bug the other day. The solution below
does not solve the issue when MULTIPLE_GROUPS is defined and
we are checking an suexec target.


Index: util.c
===================================================================
RCS file: /export/home/cvs/apache/src/util.c,v
retrieving revision 1.41
diff -c -r1.41 util.c
*** util.c	1997/01/20 09:36:26	1.41
- --- util.c	1997/01/22 19:02:26
***************
*** 936,942 ****
      else return 0;
  }
  
! int can_exec(const struct stat *finfo) {
  #ifdef MULTIPLE_GROUPS
    int cnt;
  #endif
- --- 936,942 ----
      else return 0;
  }
  
! int can_exec(request_rec *r) {
  #ifdef MULTIPLE_GROUPS
    int cnt;
  #endif
***************
*** 944,963 ****
      /* OS/2 dosen't have Users and Groups */
      return 1;
  #else    
!     if(user_id == finfo->st_uid)
!         if(finfo->st_mode & S_IXUSR)
              return 1;
!     if(group_id == finfo->st_gid)
!         if(finfo->st_mode & S_IXGRP)
              return 1;
  #ifdef MULTIPLE_GROUPS
      for(cnt=0; cnt < NGROUPS_MAX; cnt++) {
!         if(group_id_list[cnt] == finfo->st_gid)
!             if(finfo->st_mode & S_IXGRP)
                  return 1;
      }
  #endif
!     return (finfo->st_mode & S_IXOTH);
  #endif    
  }
  
- --- 944,963 ----
      /* OS/2 dosen't have Users and Groups */
      return 1;
  #else    
!     if(r->server->server_uid == r->finfo.st_uid)
!         if(r->finfo.st_mode & S_IXUSR)
              return 1;
!     if(r->server->server_gid == r->finfo.st_gid)
!         if(r->finfo.st_mode & S_IXGRP)
              return 1;
  #ifdef MULTIPLE_GROUPS
      for(cnt=0; cnt < NGROUPS_MAX; cnt++) {
!         if(group_id_list[cnt] == r->finfo.st_gid)
!             if(r->finfo.st_mode & S_IXGRP)
                  return 1;
      }
  #endif
!     return (r->finfo.st_mode & S_IXOTH);
  #endif    
  }
  
Index: mod_cgi.c
===================================================================
RCS file: /export/home/cvs/apache/src/mod_cgi.c,v
retrieving revision 1.28
diff -c -r1.28 mod_cgi.c
*** mod_cgi.c	1997/01/20 04:28:12	1.28
- --- mod_cgi.c	1997/01/22 19:10:41
***************
*** 377,383 ****
      if (r->finfo.st_mode == 0)
  	return log_scripterror(r, conf, NOT_FOUND,
  			       "script not found or unable to stat");
!     if(!can_exec(&r->finfo))
  	return log_scripterror(r, conf, FORBIDDEN,
  			       "file permissions deny server execution");
      
- --- 377,383 ----
      if (r->finfo.st_mode == 0)
  	return log_scripterror(r, conf, NOT_FOUND,
  			       "script not found or unable to stat");
!     if(!can_exec(r))
  	return log_scripterror(r, conf, FORBIDDEN,
  			       "file permissions deny server execution");
      
Index: httpd.h
===================================================================
RCS file: /export/home/cvs/apache/src/httpd.h,v
retrieving revision 1.79
diff -c -r1.79 httpd.h
*** httpd.h	1997/01/07 06:18:12	1.79
- --- httpd.h	1997/01/22 19:15:53
***************
*** 677,683 ****
  uid_t uname2id(const char *name);
  gid_t gname2id(const char *name);
  int is_directory(const char *name);
! int can_exec(const struct stat *);     
  void chdir_file(const char *file);
       
  char *get_local_host(pool *);
- --- 677,683 ----
  uid_t uname2id(const char *name);
  gid_t gname2id(const char *name);
  int is_directory(const char *name);
! int can_exec(request_rec *r);     
  void chdir_file(const char *file);
       
  char *get_local_host(pool *);


------- End of Forwarded Message




Mime
View raw message