Message-Id: <19980126040742.7365.qmail@hyperreal.org>
Date: 26 Jan 1998 04:07:42 -0000
From: Eric Peabody <peabody@bnserve.com>
Reply-To: peabody@bnserve.com
To: apbugs@hyperreal.org
Subject: suexec/1731: suexec fails for SSI with arguments
Sender: apache-bugdb-owner@apache.org
Precedence: bulk


>Number:         1731
>Category:       suexec
>Synopsis:       suexec fails for SSI with arguments
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Sun Jan 25 20:10:01 PST 1998
>Last-Modified:
>Originator:     peabody@bnserve.com
>Organization:
apache
>Release:        1.2.4 & 1.2.5
>Environment:
Linux secundus 2.0.30 #8 Mon Oct 6 15:14:50 CDT 1997 i586 unknown
gcc version 2.7.2.2
>Description:
The docs for mod_include sez: "cmd -- The server will execute the given string using /bin/sh. The include variables are available to the command. "

But if arguments are given it fails with a 'cannot stat program' in the cgi log;
without args, it works o.k. (At least this is true in a suexec environment.)

The workaround is to package what would be arguments into a script without args
and call the arg-less script through the SSI.
>How-To-Repeat:
Working:  http://www.themarquis.com/index.shtml

Failing:  http://www.themarquis.com/showbug.shtml

These are identical except that the working one execs a script that contains
what the failing one calls directly via 'exec cmd=...'.
>Fix:
suexec.c does not parse the cmd at all.  It passes the whole command string
to lstat.  Instead, pass everything up to the first whitespace character to lstat, not the whole string
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, ]
[you need to include <apbugs@Apache.Org> in the Cc line ]
[and leave the subject line UNCHANGED.  This is not done]
[automatically because of the potential for mail loops. ]