www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Scot Hetzel <hetz...@westbend.net>
Subject suexec/2271: SUEXEC not allowing FrontPage Extentions to run
Date Sat, 23 May 1998 20:39:59 GMT

>Number:         2271
>Category:       suexec
>Synopsis:       SUEXEC not allowing FrontPage Extentions to run
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Sat May 23 13:40:01 PDT 1998
>Last-Modified:
>Originator:     hetzels@westbend.net
>Organization:
apache
>Release:        1.2.x - 1.3b8-dev
>Environment:
FreeBSD-2.2.6-STABLE, gcc
>Description:
When using suexec on a Apache Server with FrontPage extentions and module installed, suexec
will not allow the fpexe program to execute due to the permission on the file and directory
/usr/local/frontpage/currentversion/apache-fp/_vti_bin.  The problem only occurs when trying
to access user subwebs, or virtual webs on the server, there is no problem accessing the root
web.

The attached patches corrects this problem.

Scot W. Hetzel
>How-To-Repeat:
Compile & install Apache 1.2.x with fp-patch-apache-1.2.5 and suexec.
Install the FrontPage Extentions on a user web & virtual web.
Start the server and try to access the user web from FrontPage 98.
>Fix:
Index: apache-1.3/src/support/suexec.c
===================================================================
RCS file: /cvs/apache-1.3/src/support/suexec.c,vretrieving revision 1.38
diff -c -u -r1.38 suexec.c
/usr/bin/diff: conflicting specifications of output style
--- suexec.c	1998/04/21 20:14:06	1.38+++ suexec.c	1998/05/23 20:15:37
@@ -70,6 +70,16 @@  *  *  */+ /*
+ * "FPEXE modification made on 98.05.19 by Scot Hetzel (hetzels@westbend.net)
+ * based on previous FPEXE modifications supplied by Mark Wormgoor
+ * (riddles@ipe.nl)+ *
+ * Changes were made in order to use Suexec and Frontpage 98 at the same time.
+ * After we change to the target_uid and target_gid.  We check if cmd = FPEXE,
+ * if it does then we execute the cmd without performing any further tests.+ *
+ */   #include "conf.h" #include <sys/param.h>@@ -393,6 +403,14 @@     } 
     /*+     * We logged everything, changed to the target uid/gid, and know the
+     * user is ok.  We run fpexe now and bail out before anything goes wrong.
+     */+#ifdef FPEXE+     if ((strcmp(cmd, FPEXE)) != NULL) {+#endif ++    /*
      * Get the current working directory, as well as the proper
      * document root (dependant upon whether or not it is a
      * ~userdir request).  Error out if we cannot get either one,
@@ -482,6 +500,7 @@ 		prg_info.st_uid, prg_info.st_gid); 	exit(120);     }+
     /*      * Error out if the program is not executable for the user.
      * Otherwise, she won't find any error in the logs except for
@@ -493,6 +512,49 @@     }      clean_env();++#ifdef FPEXE+    }+    else {+
+        /* The following taken from mod_frontpage.c to check permissions */+
+        /*
+         * We can't stat the stub dir.  Make sure the stub directory is not
+         * owned by root and not group/world writable+         */
+        if ((lstat(FPSTUBDIR, &dir_info) == -1       ||
+            dir_info.st_uid                          ||
+            (dir_info.st_mode & (S_IWGRP | S_IWOTH)) ||
+            (!S_ISDIR(dir_info.st_mode)))) {+            /*
+             * User recovery: set directory to be owned by by root with
+             * permissions r*x*-x*-x.+             */
+            log_err("Incorrect permissions on stub directory \"%-.1024s\"",
+                    FPSTUBDIR);+            exit (250);+        }++        /*
+	 * We can't stat the stub.  Make sure the stub is not owned by root,
+         * set-uid, set-gid, and is not group/world writable or executable.
+         */+        if ((stat(cmd, &prg_info) == -1    ||
+            prg_info.st_uid                          ||
+            !(prg_info.st_mode & S_ISUID)            ||
+            (prg_info.st_mode & S_ISGID)             ||
+            (prg_info.st_mode & (S_IWGRP | S_IWOTH)) ||
+            !(prg_info.st_mode & (S_IXGRP | S_IXOTH)))) {+            /*
+             * User recovery: set stub to be owned by by root with permissions
+             * r*s*-x*-x.+             */
+            log_err("Incorrect permissions on stub \"%-.1024s\"", cmd);
+            exit (251);+        }+    }+#endif        /* 
      * Be sure to close the log file so the CGI can't
Index: apache-1.3/src/support/suexec.h
===================================================================
RCS file: /cvs/apache-1.3/src/support/suexec.h,vretrieving revision 1.14
diff -c -u -r1.14 suexec.h
/usr/bin/diff: conflicting specifications of output style
--- suexec.h	1998/03/31 12:54:09	1.14+++ suexec.h	1998/05/23 20:15:37
@@ -56,6 +56,17 @@  */  /*
+ * "FPEXE modification made on 98.05.21 by Scot Hetzel (hetzels@westbend.net)
+ * based on previous FPEXE modifications supplied by Mark Wormgoor
+ * (riddles@ipe.nl)+ *
+ * Changes were made in order to use Suexec and Frontpage 98 at the same time.
+ * After we change to the target_uid and target_gid.  We check if cmd = FPEXE,
+ * if it does then we execute the cmd without performing any further tests.+ *
+ */ ++/*  * suexec.h -- user-definable variables for the suexec wrapper code.
  */ @@ -129,6 +140,24 @@  */ #ifndef DOC_ROOT
 #define DOC_ROOT "/usr/local/apache/htdocs"+#endif++/*+ * FPEXE, FPSTUB
+ * FPSTUBDIR -- We are running frontpage and we don't need to run
+ *              fpexe suid, since it's already set suid.  Also, the
+ *              dir-rights are incorrect and so on...+ */+#ifndef FPEXE
+#define FPEXE "fpexe"+#endif++#ifndef FPSTUB
+#define FPSTUB "/usr/local/frontpage/version3.0/apache-fp/_vti_bin/fpexe"
+#endif++#ifndef FPSTUBDIR
+#define FPSTUBDIR "/usr/local/frontpage/currentversion/apache-fp/_vti_bin"
 #endif  /*
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, ]
[you need to include <apbugs@Apache.Org> in the Cc line ]
[and leave the subject line UNCHANGED.  This is not done]
[automatically because of the potential for mail loops. ]




Mime
View raw message