httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "pqf" <...@mailtech.cn>
Subject Re: [mod_fcgid PATCH] catch errors from setuid()/seteuid()
Date Fri, 22 Jan 2010 01:01:53 GMT
Hi, Jeff
    Your concerns are right, +1 for your patch :)

Thanks

--------------------------------------------------
From: "Jeff Trawick" <trawick@gmail.com>
Sent: Thursday, January 21, 2010 9:23 PM
To: <dev@httpd.apache.org>
Subject: Re: [mod_fcgid PATCH] catch errors from setuid()/seteuid()

> On Wed, Jan 20, 2010 at 8:19 PM, pqf <pqf@mailtech.cn> wrote:
>> I man seteuid in my Linux box, there are two types of errors:
>> ERRORS
>>       The seteuid() function shall fail if:
>>
>>       EINVAL The value of the uid argument is invalid and is not supported by the
implementation.
>>
>>       EPERM  The  process  does not have appropriate privileges and uid does not
match the real group ID or the saved set-group-
>>              ID.
>>
>> If directly pass 0 in setuid(), EINVAL may not happend
>> If this process is seteuid from root, EPERM may not happend
>>
>> so, I think the check is just a textbook logic check?
> 
> yes, until somebody changes code or some other bug results in this
> being called in a different environment
> 
>> just call _exit(1) if it fail?
> 
> two concerns with that minimal change:
> 
> 1. seteuid() works once then fails n times now (at least on Solaris),
> so some extra logic is needed
> 2. even if these calls never fail, the presence of the exit() without
> a log message may cause somebody to lose a lot of time investigating a
> mysterious disappearance of the new process
> 
> --/--
> 
> I'll punt on this until after 2.3.5 since I'd like to spend the time
> to watch it work on another platform or two.  (suexec is not something
> I use more than once every ~3 years, so it is worth setting up in
> multiple environments.)
> 
Mime
View raw message