Received: (qmail 29975 invoked by uid 2012); 18 Aug 1999 19:57:28 -0000 Message-Id: <19990818195728.29974.qmail@hyperreal.org> Date: 18 Aug 1999 19:57:28 -0000 From: Lane Rettig Reply-To: lane@rettig.com To: apbugs@hyperreal.org Subject: suexec permission denied to logfile write after exec error X-Send-Pr-Version: 3.2 >Number: 4876 >Category: suexec >Synopsis: suexec permission denied to logfile write after exec error >Confidential: no >Severity: non-critical >Priority: medium >Responsible: apache >State: closed >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Wed Aug 18 14:10:00 PDT 1999 >Closed-Date: Fri Jan 07 14:41:52 PST 2000 >Last-Modified: Fri Jan 07 14:41:52 PST 2000 >Originator: lane@rettig.com >Release: 1.3.6 >Organization: >Environment: Linux 2.0.36 #4 i686 unknown RedHat 5.2 >Description: If suexec, while executing a CGI script, fails (after suexec has setuid'ed), it has already setuid'ed to another system user, so that it no longer has permission to log errors to its log (LOG_EXEC). The only way to currently get around this is to chmod said error log 666 or better, thereby providing *EVERY* system user write access to the file (not necessarily a security exploit in its own nature, but a major inconvenience at the least). It'd be much smarter if suexec could setuid once more, back to its original execution uid, if it encounters an error running its assigned program. I'm not a very experienced C programmer, so I can't provide code to do this (nor am I sure it's entirely possible), but it's something which should be worked around nonetheless (and I have yet to find a workaround myself). Is it necessary for suexec to setuid to the UID of the program it's supposed to execute? Could suexec be modified to simply execute said program as the specified UID/GID? Any help would be greatly appreciated; thanks for your time! >How-To-Repeat: N/A >Fix: It'd be much smarter if suexec could setuid once more, back to its original execution uid, if it encounters an error running its assigned program. I'm not a very experienced C programmer, so I can't provide code to do this (nor am I sure it's entirely possible), but it's something which should be worked around nonetheless (and I have yet to find a workaround myself). Is it necessary for suexec to setuid to the UID of the program it's supposed to execute? Could suexec be modified to simply execute said program as the specified UID/GID? >Release-Note: >Audit-Trail: State-Changed-From-To: open-closed State-Changed-By: coar State-Changed-When: Fri Jan 7 14:41:52 PST 2000 State-Changed-Why: No, suexec cannot change its UID back; that would defeat its entire purpose. The reporting of the error should be fixed now, as of Apache 1.3.9. Please upgrade and re-test. >Unformatted: [In order for any reply to be added to the PR database, you need] [to include in the Cc line and make sure the] [subject line starts with the report component and number, with ] [or without any 'Re:' prefixes (such as "general/1098:" or ] ["Re: general/1098:"). If the subject doesn't match this ] [pattern, your message will be misfiled and ignored. The ] ["apbugs" address is not added to the Cc line of messages from ] [the database automatically because of the potential for mail ] [loops. If you do not include this Cc, your reply may be ig- ] [nored unless you are responding to an explicit request from a ] [developer. Reply only with text; DO NOT SEND ATTACHMENTS! ]