From nobody@hyperreal.com Wed Apr 9 08:22:44 1997 Received: (from nobody@localhost) by hyperreal.com (8.8.4/8.8.4) id IAA23561; Wed, 9 Apr 1997 08:22:44 -0700 (PDT) Message-Id: <199704091522.IAA23561@hyperreal.com> Date: Wed, 9 Apr 1997 08:22:44 -0700 (PDT) From: Dale Bewley Reply-To: dale@bewley.net To: apbugs@hyperreal.com Subject: suexec will not allow QUERY_STRINGS X-Send-Pr-Version: 3.2 >Number: 339 >Category: suexec >Synopsis: suexec will not allow QUERY_STRINGS >Confidential: no >Severity: critical >Priority: medium >Responsible: apache >State: closed >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Wed Apr 9 08:30:02 1997 >Last-Modified: Sat Apr 26 23:59:21 PDT 1997 >Originator: dale@bewley.net >Organization: >Release: 1.2b8 >Environment: RedHat 4.1 >Description: CGIs seem to work fine until you add a ?query_string to them. Below are relevant entries from the SuExec cgi.log WithOUT a query string [10:25:08 09-04-97]: uid: (dale/dale) gid: (dale/dale) suexec-bug.cgi WITH a query string [10:25:13 09-04-97]: invalid target user name: (\~dale) Relevant entry from the ScriptLog %% [Wed Apr 9 10:25:13 1997] GET /~dale/suexec-bug.cgi?blah HTTP/1.0 %% 500 /home/dale/www/suexec-bug.cgi %request Connection: Keep-Alive User-Agent: Mozilla/4.0b2 (X11; I; SunOS 5.4 sun4m) Pragma: no-cache Host: www.bewley.net Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */* %response >How-To-Repeat: http://www.bewley.net/~dale/suexec-bug.cgi http://www.bewley.net/~dale/suexec-bug.cgi?foo >Fix: >Audit-Trail: State-Changed-From-To: open-closed State-Changed-By: fielding State-Changed-When: Sat Apr 26 23:59:21 PDT 1997 State-Changed-Why: A fix for this problem has been included in 1.2b9. Thanks for using Apache. >Unformatted: