httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Terbush <ra...@zyzzyva.com>
Subject Re: [PATCH] suexec doesn't close log file
Date Mon, 07 Apr 1997 02:14:49 GMT
+1 

> ...which means the CGI can mess with the suexec log file. 
> 
> Index: suexec.c
> ===================================================================
> RCS file: /export/home/cvs/apache/support/suexec.c,v
> retrieving revision 1.19
> diff -c -r1.19 suexec.c
> *** suexec.c	1997/03/03 19:33:53	1.19
> --- suexec.c	1997/04/06 20:01:59
> ***************
> *** 451,456 ****
> --- 451,464 ----
>       }
>   
>       clean_env();
> + 
> +     /* 
> +      * Be sure to close the log file so the CGI can't
> +      * mess with it.  If the exec fails, it will be reopened 
> +      * automatically when log_err is called.
> +      */
> +     fclose(log);
> +     log = NULL;
>       
>       /*
>        * Execute the command, replacing our image with its own.




Mime
View raw message