httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Terbush <ra...@zyzzyva.com>
Subject Re: mod_cgi/918: if not using suexec, apache forces user to use server gid/uid settings
Date Sun, 27 Jul 1997 19:37:57 GMT
> On Sun, 27 Jul 1997, Randy Terbush wrote:
> 
> > > No.  The server looks at the permissions on the script that suexec will
> > > execute, not the permissions on suexec.  Since when suexec eventually gets
> > > around to running the script, it will probably be as a different UID,
> > > checking based on the view of the user who runs suexec doesn't make sense.
> > > 
> > > The code could be expanded to know what user will be passed to suexec, but
> > > it hasn't been.
> > 
> > Correct. This had been brought up during 1.2 beta and I _thought_ 
> > was fixed. 
> 
> What about userdir requests?  Your patch deals not with them?

Picky picky... :-)

Ok, untested and missing prototype for log_scripterror(). (my 
http_log.h is currently non-standard and I am lazy) 


Index: util.c
===================================================================
RCS file: /export/home/cvs/apache/src/util.c,v
retrieving revision 1.64
diff -u -3 -r1.64 util.c
--- util.c	1997/07/21 05:53:52	1.64
+++ util.c	1997/07/27 19:33:36
@@ -993,7 +993,7 @@
     return (x ? 1 : 0);  /* If the first character is ':', it's broken, too */
 }
 
-API_EXPORT(int) can_exec(const struct stat *finfo) {
+API_EXPORT(int) can_exec(const struct stat *finfo, uid_t uid, gid_t gid) {
 #ifdef MULTIPLE_GROUPS
   int cnt;
 #endif
@@ -1001,10 +1001,10 @@
     /* OS/2 dosen't have Users and Groups */
     return 1;
 #else    
-    if(user_id == finfo->st_uid)
+    if(uid == finfo->st_uid)
         if(finfo->st_mode & S_IXUSR)
             return 1;
-    if(group_id == finfo->st_gid)
+    if(gid == finfo->st_gid)
         if(finfo->st_mode & S_IXGRP)
             return 1;
 #ifdef MULTIPLE_GROUPS
Index: mod_cgi.c
===================================================================
RCS file: /export/home/cvs/apache/src/mod_cgi.c,v
retrieving revision 1.50
diff -u -3 -r1.50 mod_cgi.c
--- mod_cgi.c	1997/07/24 04:23:59	1.50
+++ mod_cgi.c	1997/07/27 19:33:56
@@ -393,11 +393,6 @@
 	return log_scripterror(r, conf, NOT_FOUND,
 			       "script not found or unable to stat");
 #endif
-    if (!suexec_enabled) {
-        if (!can_exec(&r->finfo))
-            return log_scripterror(r, conf, FORBIDDEN,
-                                   "file permissions deny server execution");
-    }
 
     if ((retval = setup_client_block(r, REQUEST_CHUNKED_ERROR)))
 	return retval;
Index: httpd.h
===================================================================
RCS file: /export/home/cvs/apache/src/httpd.h,v
retrieving revision 1.132
diff -u -3 -r1.132 httpd.h
--- httpd.h	1997/07/23 00:09:02	1.132
+++ httpd.h	1997/07/27 19:34:21
@@ -751,7 +751,7 @@
 API_EXPORT(uid_t) uname2id(const char *name);
 API_EXPORT(gid_t) gname2id(const char *name);
 API_EXPORT(int) is_directory(const char *name);
-API_EXPORT(int) can_exec(const struct stat *);     
+API_EXPORT(int) can_exec(const struct stat *finfo, uid_t uid, gid_t gid);     
 API_EXPORT(void) chdir_file(const char *file);
      
 char *get_local_host(pool *);
Index: util_script.c
===================================================================
RCS file: /export/home/cvs/apache/src/util_script.c,v
retrieving revision 1.67
diff -u -3 -r1.67 util_script.c
--- util_script.c	1997/07/24 04:24:00	1.67
+++ util_script.c	1997/07/27 19:34:41
@@ -739,6 +739,9 @@
 	    grpname = gr->gr_name;
 	}
   
+        if (!can_exec(&r->finfo, pw->pw_uid, gr->gr_gid))
+            return log_scripterror(r, conf, FORBIDDEN,
+                                   "file permissions deny server execution");
   	if (shellcmd)
 	    execle(SUEXEC_BIN, SUEXEC_BIN, execuser, grpname, argv0, NULL, env);
 
@@ -753,6 +756,9 @@
 	}
     }
     else {
+        if (!can_exec(&r->finfo, user_id, group_id))
+            return log_scripterror(r, conf, FORBIDDEN,
+                                   "file permissions deny server execution");
 	if (shellcmd) 
 	    execle(SHELL_PATH, SHELL_PATH, "-c", argv0, NULL, env);
 	



Mime
View raw message