httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gregory A Lundberg <>
Subject PR listing, suexec PRs
Date Sat, 27 Jun 1998 13:01:52 GMT
I've been doing quite a bit of work recently in the suEXEC area.  As part
of my work, I've put together a summary of the PRs for suEXEC.  My
intention is, if nobody bellies up to work on these before I get to them,
I will be sending along fixes for most (if not all) of these issues.
Anyway, here's my take on the PRs related to suEXEC:

PR 921
  cwd used before set, fixed in 1.2.5 and 1.3b3
  needs syslog capabilities, patch in PR as starting point

PR 1001
  needs to check group list to prevent dumb admins from bypassing

PR 1037
  probably setup error, but raises the point: should suEXEC allow
    ownership by some other, trusted, UID/GID than the target UID/GID?

PR 1120
  claims suEXEC does not handle command parsing.  that's not the job of
    suEXEC, but the problem is real.  core should parse #exec cmd="..."
    to some extent (but how?).  Proposed patch URL given, but probably
    fixes problem in the wrong area.

PR 1264
  probably local config error, works fine for me

PR 1268
  core needs another UID/GID to run CGIs under (per server) so that
    system-wide CGIs (ala ScriptAlias) aren't run as the server UID/GID
    I agree, I've seend this and wished it weren't so myself.  Dean
    seems to agree, too.

PR 1285
  why is this suspended?  what he's looking for is a way he can use
    automated tools to scan for problems more easily.  Probably a good
    idea.  Brings to mind the question, how about configurable
    severity?  (info if suEXEC worked, error otherwise, allow user to
    determine which level is logged)

PR 1346
  feedback is there marc!  This looks like another take on PR 1268 to
    me.  In addition, the requirement that suEXEC only work for ~<user>
    has always bothered me.

PR 1469
  the only question I have here is how safe is the check on directory
    ownership?  should it chase up to '/'?  can anyone think of a way
    to fool suEXEC by attacking at lower (toward-/) directory levels?
    Sendmail 8.9.0 does this, so they at least felt it was a good

PR 1470
  there's a good point in there somewhere.  personally, I like scripts
    to run from the cwd and have argv[0] contain _just_ the program
    name.  It keeps the ps list simple and makes it harder for people
    to tell what's what from there.  purely asthetics but what the heck

PR 1725
  s/b closed

PR 1731
  duplicate of PR 1346 and PR 1268 but phrased in terms of SSI

PR 1769
  submits a patch to allow <Location> block to contain override for
    UID/GID .. prolly a good idea, see PR 1037

PR 1881
  probable local config error

PR 1905
  proposes a patch to allow modules to determine UID/GID for suEXEC
    prolly a good idea, too

PR 1954
  proposes to allow execution if the owner of the directory does not
    match the target UID/GID where the owner is root.  prolly a good
    idea.  this is needed to securely run FP, I used it in my fpEXEC
    to test ownership was privileged while target was not.

PR 2022
  we've already setuid'd so we can't re-open the error log file.  if
    we add syslog capabilities, this is a non-issue.

PR 2075
  duplicate of 2022 but points out that no check is make that the
    target is marked executable for the user; good point since this
    is probably most of the reason for this error.

PR 2271
  Probable local configuration/installation error.  IMHO, this is a
    Frontpage bug not an Apache suexec bug. If Apache is to support
    Frontpage, either RtR can fix their bug or Apache can do it in
    a more secure manner than the patch proposes. 


PR 112 - folded into PR 1268
PR 218 - correction causes PR 2022
PR 237 - folded into PR 1268
PR 261 - fixed in 1.2b8, I saw this too and it _is_ fixed
PR 269 - fixed in 1.2b9
PR 319 - dup of PR 1120
PR 339 - fixed in 1.2b9
PR 341 - documentation fixed
PR 367 - fixed in 1.2b9
PR 395 - folded into PR 1268
PR 398 - fixed in 1.2b9, dup of 339
PR 453 - fixed in 1.2b9
PR 479 - fixed in 1.2b9, dup of 339
PR 675 - user error, folded into PR 1268
PR 682 - dup of 675
PR 741 - probable user error
PR 757 - dup of 741
PR 773 - fixed
PR 871 - needs fixing if inetd mode is re-supported
PR 946 - user error
PR 1026 - user error
PR 1084 - probably fixed
PR 1138 - user error, well except I think the umask is wrong
PR 1284 - fixed in 1.3b3
PR 1318 - dup of 871
PR 1343 - fixed in 1.3b4
PR 1543 - fixed in 1.3b4, see 2022
PR 1738 - dup of 921, fixed in 1.2.5 and 1.3b3
PR 1894 - fixed in 1.3b<something>?  good idea.
PR 1924 - user error
PR 1934 - user error


Gregory A Lundberg		Senior Partner, VRnet Company
1441 Elmdale Drive    
Kettering, OH 45409-1615 USA    1-800-809-2195

View raw message