Commit | Line | Data |
---|---|---|
64d88c01 MK |
1 | diff -urNp httpd-2.4.4.orig/support/suexec.c httpd-2.4.4/support/suexec.c |
2 | --- httpd-2.4.4.orig/support/suexec.c 2012-12-03 16:33:42.000000000 +0000 | |
3 | +++ httpd-2.4.4/support/suexec.c 2013-07-11 11:49:54.250178570 +0000 | |
4 | @@ -240,6 +240,21 @@ static void clean_env(void) | |
0f5c61f6 | 5 | environ = cleanenv; |
6 | } | |
7 | ||
8 | +/* | |
9 | + * Return the `basename' of the pathname in STRING (the stuff after | |
10 | + * the last '/'). If STRING is `/', just return it. Taken from bash. | |
11 | + */ | |
12 | +char *base_pathname(char *string) | |
13 | +{ | |
14 | + char *p; | |
15 | + | |
16 | + if (string[0] == '/' && string[1] == 0) | |
17 | + return (string); | |
18 | + | |
19 | + p = (char *)strrchr (string, '/'); | |
20 | + return (p ? ++p : string); | |
21 | +} | |
22 | + | |
23 | int main(int argc, char *argv[]) | |
24 | { | |
25 | int userdir = 0; /* ~userdir flag */ | |
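Review bot: `base_pathname` is added with external linkage and a mutable `char *` parameter, although it is a file-local helper that only reads its argument. Declaring it `static const char *base_pathname(const char *string)` and ending with `return p ? p + 1 : string;` would also remove the need for the cast on `strrchr`. The function dereferences `string` unconditionally, so a NULL `argv[0]` (possible when the caller passes an empty argument vector) would fault unless `main` rejects a short `argc` before the new call sites. Any such check lies outside this hunk, so the header comment should state the non-NULL precondition.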
64d88c01 | 26 | @@ -255,6 +270,7 @@ int main(int argc, char *argv[]) |
0f5c61f6 | 27 | char dwd[AP_MAXPATH]; /* docroot working directory */ |
28 | struct passwd *pw; /* password entry holder */ | |
29 | struct group *gr; /* group entry holder */ | |
30 | + struct passwd tpw; /* tmp password entry holder */ | |
31 | struct stat dir_info; /* directory info holder */ | |
32 | struct stat prg_info; /* program info holder */ | |
33 | ||
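Review bot: `tpw` is declared without an initializer, and the later hunk assigns only `pw_name`, `pw_uid` and `pw_dir`, so `pw_gid`, `pw_shell` and the remaining members hold indeterminate values once `pw = &tpw`. Whether the rest of `main` reads any of those members through `pw` cannot be seen from this hunk. Zero-initialising makes such a read deterministic: `struct passwd tpw = {0}; /* tmp password entry holder */`.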
64d88c01 | 34 | @@ -375,8 +391,23 @@ int main(int argc, char *argv[]) |
0f5c61f6 | 35 | } |
36 | else { | |
37 | if ((pw = getpwuid(atoi(target_uname))) == NULL) { | |
38 | - log_err("invalid target user id: (%s)\n", target_uname); | |
39 | - exit(121); | |
40 | + /* | |
41 | + * If called as suexec.fcgi ignore if there is no passwd | |
42 | + * entry for specified UID. Also bail out if UID = 0. | |
43 | + */ | |
64d88c01 | 44 | + if(!strcmp(base_pathname(argv[0]),"suexec.fcgi")) { |
0f5c61f6 | 45 | + tpw.pw_name = strdup(target_uname); |
46 | + tpw.pw_uid = atoi(target_uname); | |
47 | + tpw.pw_dir = (char *)"/tmp"; | |
48 | + pw = &tpw; | |
49 | + if (tpw.pw_uid <= 0) { | |
50 | + log_err("invalid target user id: (%s)\n", target_uname); | |
51 | + exit(121); | |
52 | + } | |
53 | + } else { | |
54 | + log_err("invalid target user id: (%s)\n", target_uname); | |
55 | + exit(121); | |
56 | + } | |
57 | } | |
58 | } | |
59 | ||
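Review bot: The fallback takes the UID straight from `atoi(target_uname)`, and the `tpw.pw_uid <= 0` test cannot reject negative input where `uid_t` is unsigned (as on Linux), so it only catches 0. Strings such as `-1` or `123abc` would then pass as a UID, because the passwd lookup that used to validate the value is no longer required on this path. Parse with `strtol`, require the whole string to be consumed and the value to fit in `uid_t`, and do this before the `strdup`, whose result is also unchecked. The sketch below assumes `errno` is already usable in this file. Any minimum-UID check later in `main` is outside this hunk and should be confirmed to still run on this path.

```c
        if (!strcmp(base_pathname(argv[0]), "suexec.fcgi")) {
            char *end;
            long id;

            errno = 0;
            id = strtol(target_uname, &end, 10);
            /* reject empty/partial parses, overflow, 0, negatives,
             * values that do not round-trip through uid_t, and (uid_t)-1 */
            if (errno != 0 || end == target_uname || *end != '\0' ||
                id <= 0 || (long)(uid_t)id != id ||
                (uid_t)id == (uid_t)-1) {
                log_err("invalid target user id: (%s)\n", target_uname);
                exit(121);
            }
            tpw.pw_uid = (uid_t)id;
            /* ... unchanged: tpw.pw_name, tpw.pw_dir and pw assignments ... */
        }
```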
64d88c01 | 60 | @@ -555,20 +586,24 @@ int main(int argc, char *argv[]) |
0f5c61f6 | 61 | } |
62 | ||
63 | /* | |
64 | - * Error out if the target name/group is different from | |
65 | - * the name/group of the cwd or the program. | |
66 | - */ | |
67 | - if ((uid != dir_info.st_uid) || | |
68 | - (gid != dir_info.st_gid) || | |
69 | - (uid != prg_info.st_uid) || | |
70 | - (gid != prg_info.st_gid)) { | |
64d88c01 MK |
71 | - log_err("target uid/gid (%lu/%lu) mismatch " |
72 | - "with directory (%lu/%lu) or program (%lu/%lu)\n", | |
73 | - (unsigned long)uid, (unsigned long)gid, | |
74 | - (unsigned long)dir_info.st_uid, (unsigned long)dir_info.st_gid, | |
75 | - (unsigned long)prg_info.st_uid, (unsigned long)prg_info.st_gid); | |
0f5c61f6 | 76 | - exit(120); |
77 | + * If not called as suexec.fcgi error out if the target | |
78 | + * name/group is different from the name/group of the cwd | |
79 | + * or the program. | |
80 | + */ | |
64d88c01 | 81 | + if(strcmp(base_pathname(argv[0]),"suexec.fcgi")) { |
0f5c61f6 | 82 | + if ((uid != dir_info.st_uid) || |
83 | + (gid != dir_info.st_gid) || | |
84 | + (uid != prg_info.st_uid) || | |
85 | + (gid != prg_info.st_gid)) { | |
64d88c01 MK |
86 | + log_err("target uid/gid (%lu/%lu) mismatch " |
87 | + "with directory (%lu/%lu) or program (%lu/%lu)\n", | |
88 | + (unsigned long)uid, (unsigned long)gid, | |
89 | + (unsigned long)dir_info.st_uid, (unsigned long)dir_info.st_gid, | |
90 | + (unsigned long)prg_info.st_uid, (unsigned long)prg_info.st_gid); | |
0f5c61f6 | 91 | + exit(120); |
92 | + } | |
93 | } | |
94 | + | |
95 | /* | |
96 | * Error out if the program is not executable for the user. | |
97 | * Otherwise, she won't find any error in the logs except for |
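Review bot: The uid/gid ownership check on the working directory and the program is skipped purely on the basis of `argv[0]`, which the invoking process sets freely. The relaxed mode is therefore selected by the caller, not by how the binary was built or installed, and the same test gates the passwd fallback in the `@@ -375,8 +391,23 @@` hunk. A build-time switch (a configure option or macro chosen by the packager) or a separately compiled binary would tie the relaxation to the installation. If the runtime test stays, evaluate it once, e.g. `const int fcgi_mode = !strcmp(base_pathname(argv[0]), "suexec.fcgi");`, and emit a `log_err` line when the ownership check is bypassed so the event is auditable. The new comment should also say which remaining checks in `main` (outside this hunk) still constrain the target program in this mode.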