Received: (qmail 11859 invoked from network); 14 May 1999 19:03:39 -0000 Message-Id: Date: Fri, 14 May 1999 12:03:36 -0700 (PDT) From: Tom Lear To: apbugs@apache.org Subject: suexec does not parse arguments to #exec cmd >Number: 4413 >Category: suexec >Synopsis: suexec does not parse arguments to #exec cmd >Confidential: yes >Severity: non-critical >Priority: medium >Responsible: apache >State: closed >Class: mistaken >Submitter-Id: unknown >Arrival-Date: Fri May 14 12:10:01 PDT 1999 >Last-Modified: Mon May 24 10:58:08 PDT 1999 >Originator: Tom Lear >Organization: >Release: >Environment: >Description: >How-To-Repeat: >Fix: >Audit-Trail: State-Changed-From-To: open-closed State-Changed-By: coar State-Changed-When: Mon May 24 10:58:08 PDT 1999 State-Changed-Why: Text attached to correct PR. Originator-Changed-From-To: -Tom Lear Originator-Changed-By: coar Originator-Changed-When: Mon May 24 10:58:08 PDT 1999 Class-Changed-From-To: sw-bug-mistaken Class-Changed-By: coar Class-Changed-When: Mon May 24 10:58:08 PDT 1999 Severity-Changed-From-To: serious-non-critical Severity-Changed-By: coar Severity-Changed-When: Mon May 24 10:58:08 PDT 1999 Responsible-Changed-From-To: gnats-admin-apache Responsible-Changed-By: coar Responsible-Changed-When: Mon May 24 10:58:08 PDT 1999 Responsible-Changed-Why: Putting back in mainstream DB. Category-Changed-From-To: pending-suexec Category-Changed-By: coar Category-Changed-When: Mon May 24 10:58:08 PDT 1999 >Unformatted: The argument about filenames with spaces doesn't really apply, those spaces would have to be escaped to be handled properly by the shell (if suexec was off). The patch would only have to handle escaped spaces. This brings up an interesting point. If #exec is parsed by the shell without suexec it needs to be parsed just the same way with suexec. This is especially true since non ~userdir cgis under virtualhosts (or main servers) without User/Group directives will not run through suexec. - Tom