httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ivan Zhakov <i...@visualsvn.com>
Subject Apache requires read permissions for parent directories of configuration files
Date Mon, 22 Jun 2009 14:48:34 GMT
Hi,

I encountered the following problem with Apache HTTPD on Windows:
* lets suppose that server root is "C:\ABC\XYZ\root";
* httpd service have all appropriate access permissions
  for the server root;
* but httpd service doesn't have any access permission for
  the parents of the root. E.g. httpd service doesn't have
  access to "C:\ABC" and "C:\ABC\XYZ"
* in this case httpd failed to start with error message "Invalid file
  path C:\ABC\XYZ\root\conf\htpasswd" if AuthUserFile directive used.

We did researched and found that this happens with most Apache
directives, because they use a function ap_server_root_relative (),
which in turn causes apr_filepath_merge () with a flag
APR_FILEPATH_TRUENAME.

This change was introduced in r90571 [1], before r90571
ap_make_full_path() used which does not perform file path resolution
like apr_filepath_merge with flag APR_FILEPATH_TRUENAME does.

We have the following questions:
* what is the reason to use APR_FILEPATH_TRUENAME argument in that place?
* is it possible to remove APR_FILEPATH_TRUENAME argument in the trunk
  of Apache HTTP Server? (see attached patch)

Any comments will be helpful.

[1] http://svn.apache.org/viewvc?view=rev&revision=90571

-- 
Ivan Zhakov
VisualSVN Team

Mime
View raw message