www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dan Howard <djhow...@enteract.com>
Subject mod_include/2783: #exec directive non-functional, other directives fine
Date Wed, 05 Aug 1998 04:08:49 GMT

>Number:         2783
>Category:       mod_include
>Synopsis:       #exec directive non-functional, other directives fine
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Tue Aug  4 21:10:00 PDT 1998
>Originator:     djhoward@enteract.com
>Release:        Apache/1.3.1
FreeBSD stumpy.dannyland.org 3.0-CURRENT FreeBSD 3.0-CURRENT #14: Tue Aug  4 20:21:08 CDT
1998     root@stumpy.dannyland.org:/newhome/src/sys/compile/STUMPY  i386

clean build from FreeBSD ports collection.
I've seen other PRs bearing on this topic.  I've exhausted the config files, 
and can find nothing ... so out of desperation I checked bug database and was
reassured by my company.  To wit, it appears that #exec cmd= is discarded.
(See example ...)
- rests beyond a dynamic connection, don't hold your breath

Example text;

<link rev="made" href="mailto:dannyman@dannyland.org">
</head><body text="#000000" link="#3333ff" vlink="#990000" bgcolor="<!--#exec
cmd=".bin/randcolor" -->">

<!--#exec cmd="/bin/date" 

<h1 align=center>29 July, 1998</h1>
<hr width="50%">

Renders to the browser as;

<link rev="made" href="mailto:dannyman@dannyland.org">
</head><body text="#000000" link="#3333ff" vlink="#990000" bgcolor="">

<h1 align=center>29 July, 1998</h1>
<hr width="50%">

Just because I've heard of an occasional bug in FreeBSD sh, I tried;
stumpy 22:56 ~> echo "/bin/date" | /bin/sh
Tue Aug  4 23:04:03 CDT 1998

Later on down the page, the following parses great;
<address>This document last modified <!--#echo var="LAST_MODIFIED"-->
&lt;<a href="mailto:dannyman@dannyland.org">dannyman@dannyland.org</a>&gt;

Oh, I'm using XBitHack full along with the Options Include and the conventional 
.shtml handler stuff ...
I can find no IncludesNOEXEC or whatever it is anywhere, but my uneducated
hunch would maybe investigate some Options configuration loophole.
[In order for any reply to be added to the PR database, ]
[you need to include <apbugs@Apache.Org> in the Cc line ]
[and leave the subject line UNCHANGED.  This is not done]
[automatically because of the potential for mail loops. ]
[If you do not include this Cc, your reply may be ig-   ]
[nored unless you are responding to an explicit request ]
[from a developer.                                      ]
[Reply only with text; DO NOT SEND ATTACHMENTS!         ]

View raw message