httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chuck Murcko <ch...@topsail.org>
Subject Re: [PATCH] suexec doesn't close log file
Date Mon, 07 Apr 1997 05:22:01 GMT
+1 here, also.

Randy Terbush wrote:
> 
> +1
> 
> > ...which means the CGI can mess with the suexec log file.
> >
> > Index: suexec.c
> > ===================================================================
> > RCS file: /export/home/cvs/apache/support/suexec.c,v
> > retrieving revision 1.19
> > diff -c -r1.19 suexec.c
> > *** suexec.c  1997/03/03 19:33:53     1.19
> > --- suexec.c  1997/04/06 20:01:59
> > ***************
> > *** 451,456 ****
> > --- 451,464 ----
> >       }
> >
> >       clean_env();
> > +
> > +     /*
> > +      * Be sure to close the log file so the CGI can't
> > +      * mess with it.  If the exec fails, it will be reopened
> > +      * automatically when log_err is called.
> > +      */
> > +     fclose(log);
> > +     log = NULL;
> >
> >       /*
> >        * Execute the command, replacing our image with its own.

-- 
chuck
Chuck Murcko
The Topsail Group, West Chester PA USA
chuck@topsail.org

Mime
View raw message