From apwww@hyperreal.org Wed Aug 27 20:12:33 1997 Received: (from apwww@localhost) by hyperreal.org (8.8.5/8.8.5) id UAA04327; Wed, 27 Aug 1997 20:12:33 -0700 (PDT) Message-Id: <199708280312.UAA04327@hyperreal.org> Date: Wed, 27 Aug 1997 20:12:33 -0700 (PDT) From: Bryan Campbell Reply-To: civil@fidnet.com To: apbugs@hyperreal.org Subject: includesNOEXEC does not shut off "exec cmd" . . . X-Send-Pr-Version: 3.2 >Number: 1066 >Category: mod_include >Synopsis: includesNOEXEC does not shut off "exec cmd" . . . >Confidential: no >Severity: serious >Priority: medium >Responsible: apache >State: closed >Class: support >Submitter-Id: apache >Arrival-Date: Wed Aug 27 20:20:02 1997 >Originator: civil@fidnet.com >Organization: >Release: 1.2.4 >Environment: Solaris 2.5 w/ recommended jumbo patch gcc 2.7.2 SunOS mustang 5.5 Generic_103093-13 sun4m sparc SUNW,SPARCstation-5 >Description: Install 1.2.4 with includesNOEXEC and call a bit of server parsed html with (or any other system command . . . i.e. xterm, finger . . . etc.) If you don't get the date, please tell me why. access.conf included below # access.conf: Global access configuration # Online docs at http://www.apache.org/ # This file defines server settings which affect which types of services # are allowed, and in what circumstances. # Each directory to which Apache has access, can be configured with respect # to which services and features are allowed and/or disabled in that # directory (and its subdirectories). # Originally by Rob McCool # This should be changed to whatever you set DocumentRoot to. # This may also be "None", "All", or any combination of "Indexes", # "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews". # Note that "MultiViews" must be named *explicitly* --- "Options All" # doesn't give it to you (or at least, not yet). Options Indexes FollowSymLinks IncludesNOEXEC # This controls which options the .htaccess files in directories can # override. Can also be "All", or any combination of "Options", "FileInfo", # "AuthConfig", and "Limit" AllowOverride None # Controls who can get stuff from this server. order allow,deny allow from all # /usr/local/etc/httpd/cgi-bin should be changed to whatever your ScriptAliased # CGI directory exists, if you have that configured. AllowOverride None Options None # Allow server status reports, with the URL of http://servername/server-status # Change the ".your_domain.com" to match your domain to enable. # #SetHandler server-status #order deny,allow #deny from all #allow from .your_domain.com # # You may place any other directories or locations you wish to have # access information for after this one. >How-To-Repeat: >Fix: >Audit-Trail: State-Changed-From-To: open-analyzed State-Changed-By: marc State-Changed-When: Wed Aug 27 21:02:28 PDT 1997 State-Changed-Why: And what URL are you trying to access? If it is something under /~fidelity/, then what does "echo ~fidelity" return? That is the path you have to use; /home may be a symlink, in which case your restriction would be for the wrong directory. State-Changed-From-To: analyzed-closed State-Changed-By: marc State-Changed-When: Thu Aug 28 10:26:05 PDT 1997 State-Changed-Why: User config error. From: Marc Slemko To: Apache bugs database Subject: RE: mod_include/1066: includesNOEXEC does not shut off "exec cmd" . . . (fwd) Date: Thu, 28 Aug 1997 11:25:56 -0600 (MDT) ---------- Forwarded message ---------- Date: Thu, 28 Aug 1997 12:13:17 -0500 From: "Bryan B. Campbell" To: 'Marc Slemko' Subject: RE: mod_include/1066: includesNOEXEC does not shut off "exec cmd" . . . My apologies . . . I was using improper directory directives in the access.conf. If you do not limit things consistently across all directories then exec cmd will plague you even if your root directories are set for includesNOEXEC. -----Original Message----- From: Marc Slemko [SMTP:marc@hyperreal.org] Sent: Wednesday, August 27, 1997 11:03 PM To: apache-bugdb@apache.org; civil@fidnet.com; marc@apache.org Subject: Re: mod_include/1066: includesNOEXEC does not shut off "exec cmd" . . . Synopsis: includesNOEXEC does not shut off "exec cmd" . . . State-Changed-From-To: open-analyzed State-Changed-By: marc State-Changed-When: Wed Aug 27 21:02:28 PDT 1997 State-Changed-Why: And what URL are you trying to access? If it is something under /~fidelity/, then what does "echo ~fidelity" return? That is the path you have to use; /home may be a symlink, in which case your restriction would be for the wrong directory. >Unformatted: >Last-Modified: Thu Aug 28 10:26:06 PDT 1997