Debian bug report logs - #27234
should be able to NOT run suexec in some directories or locations
Package: apache;
Reported by: Floody G <flood@evcom.net>; dated Tue, 29 Sep 1998 21:48:01 GMT;
Maintainer for apache is
Johnie Ingram <johnie@debian.org>.
Message received at submit@bugs.debian.org:
Received: (at submit) by bugs.debian.org; 29 Sep 1998 21:36:23 +0000
Received: (qmail 10315 invoked from network); 29 Sep 1998 21:36:23 -0000
Received: from zothommog.evcom.net (root@208.136.203.8)
by debian.novare.net with SMTP; 29 Sep 1998 21:36:23 -0000
Received: from agony.evcom.net (flood@agony.evcom.net [208.136.203.10])
by zothommog.evcom.net (8.8.8/8.8.8) with ESMTP id RAA23044
for <submit@bugs.debian.org>; Tue, 29 Sep 1998 17:36:11 -0400
Received: from localhost (flood@localhost)
by agony.evcom.net (8.8.8/8.8.8) with SMTP id RAA24740
for <submit@bugs.debian.org>; Tue, 29 Sep 1998 17:36:17 -0400
Date: Tue, 29 Sep 1998 17:36:17 -0400 (EDT)
From: Floody G <flood@evcom.net>
To: submit@bugs.debian.org
Subject: should be able to NOT run suexec in some directories or locations
Message-ID: <Pine.LNX.3.96.980929172833.24722A-100000@agony.evcom.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Package: apache
Version: 1.3.2-1
Twouldn't it be nice if you didn't have to run suexec for every cgi ran by
virtualhost's or userdir configurations? It's not only nice, it's a
necessity for myself ("global" cgi-bins, etc).
A patch follows which implements eggsactly this, it adds the NoSuExec
option. To *disable* using suexec inside a <Directory> or <Location>,
simply: Options +NoSuExec
Note that for very obvious security reasons, this option CANNOT be used in
.htaccess files; period. This option only enables/disables suexec if all
other suexec requirements are met (must be u+s root, etc).
-- TEAR HERE --
diff -r -u apache_1.3.2/src/include/http_core.h apache_1.3.2.new/src/include/http_core.h
--- apache_1.3.2/src/include/http_core.h Wed Aug 26 16:01:21 1998
+++ apache_1.3.2.new/src/include/http_core.h Tue Sep 29 15:16:21 1998
@@ -85,6 +85,8 @@
#define OPT_MULTI 128
#define OPT_ALL (OPT_INDEXES|OPT_INCLUDES|OPT_SYM_LINKS|OPT_EXECCGI)
+#define OPT_NOSUEXEC 256
+
/* options for get_remote_host() */
/* REMOTE_HOST returns the hostname, or NULL if the hostname
* lookup fails. It will force a DNS lookup according to the
@@ -165,7 +167,7 @@
/* Per-directory configuration */
-typedef unsigned char allow_options_t;
+typedef unsigned int allow_options_t;
typedef unsigned char overrides_t;
typedef struct {
diff -r -u apache_1.3.2/src/main/http_core.c apache_1.3.2.new/src/main/http_core.c
--- apache_1.3.2/src/main/http_core.c Tue Sep 29 17:03:11 1998
+++ apache_1.3.2.new/src/main/http_core.c Tue Sep 29 16:25:53 1998
@@ -1000,7 +1000,10 @@
else if (!strcasecmp(w, "All")) {
opt = OPT_ALL;
}
- else {
+ /* permit Options NoSuExec only inside <Directory> or <Location> */
+ else if (!strcasecmp(w, "NoSuExec") && (cmd->override & ACCESS_CONF)) {
+ opt = OPT_NOSUEXEC;
+ } else {
return ap_pstrcat(cmd->pool, "Illegal option ", w, NULL);
}
diff -r -u apache_1.3.2/src/main/util_script.c apache_1.3.2.new/src/main/util_script.c
--- apache_1.3.2/src/main/util_script.c Mon Sep 14 12:10:22 1998
+++ apache_1.3.2.new/src/main/util_script.c Mon Sep 28 18:11:45 1998
@@ -687,6 +687,8 @@
char **env, int shellcmd)
{
int pid = 0;
+ int use_suexec;
+
#if defined(RLIMIT_CPU) || defined(RLIMIT_NPROC) || \
defined(RLIMIT_DATA) || defined(RLIMIT_VMEM) || defined (RLIMIT_AS)
@@ -1091,7 +1093,12 @@
return (pid);
}
#else
- if (ap_suexec_enabled
+ if (ap_allow_options(r) & OPT_NOSUEXEC)
+ use_suexec = 0;
+ else
+ use_suexec = ap_suexec_enabled;
+
+ if (use_suexec
&& ((r->server->server_uid != ap_user_id)
|| (r->server->server_gid != ap_group_id)
|| (!strncmp("/~", r->uri, 2)))) {
diff -r -u apache_1.3.2/src/modules/standard/mod_cgi.c apache_1.3.2.new/src/modules/standard/mod_cgi.c
--- apache_1.3.2/src/modules/standard/mod_cgi.c Thu Sep 3 18:40:42 1998
+++ apache_1.3.2.new/src/modules/standard/mod_cgi.c Mon Sep 28 18:18:00 1998
@@ -358,6 +358,7 @@
void *sconf = r->server->module_config;
cgi_server_conf *conf =
(cgi_server_conf *) ap_get_module_config(sconf, &cgi_module);
+ int suexec_explicit_off = 0;
struct cgi_child_stuff cld;
@@ -382,6 +383,9 @@
return log_scripterror(r, conf, FORBIDDEN, APLOG_NOERRNO,
"attempt to include NPH CGI script");
+ if (ap_allow_options(r) & OPT_NOSUEXEC)
+ suexec_explicit_off = 1;
+
#if defined(OS2) || defined(WIN32)
/* Allow for cgi files without the .EXE extension on them under OS/2 */
if (r->finfo.st_mode == 0) {
@@ -402,7 +406,7 @@
if (S_ISDIR(r->finfo.st_mode))
return log_scripterror(r, conf, FORBIDDEN, APLOG_NOERRNO,
"attempt to invoke directory as script");
- if (!ap_suexec_enabled) {
+ if (!ap_suexec_enabled || suexec_explicit_off) {
if (!ap_can_exec(&r->finfo))
return log_scripterror(r, conf, FORBIDDEN, APLOG_NOERRNO,
"file permissions deny server execution");
Acknowledgement sent to Floody G <flood@evcom.net>
:
New bug report received and forwarded. Copy sent to Johnie Ingram <johnie@debian.org>
.
Full text available.
Report forwarded to debian-bugs-dist@lists.debian.org, Johnie Ingram <johnie@debian.org>
:
Bug#27234
; Package apache
.
Full text available.
Ian Jackson
/
owner@bugs.debian.org,
through the Debian bug database
Last modified:
12:39:00 GMT Wed 07 Oct
(timestamp page available).