Received: (qmail 23871 invoked by uid 501); 18 Jan 2001 21:12:13 -0000 Message-Id: <20010118211213.23865.qmail@apache.org> Date: 18 Jan 2001 21:12:13 -0000 From: steeven Reply-To: steeven@kali.com.cn To: submit@bugz.apache.org Subject: Not secure enough X-Send-Pr-Version: 3.110 >Number: 7096 >Category: suexec >Synopsis: Not secure enough >Confidential: no >Severity: critical >Priority: medium >Responsible: apache >State: closed >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: apache >Arrival-Date: Thu Jan 18 13:20:02 PST 2001 >Closed-Date: Thu Jan 18 15:35:12 PST 2001 >Last-Modified: Thu Jan 18 15:35:12 PST 2001 >Originator: steeven@kali.com.cn >Release: * >Organization: >Environment: Linux 2.16 apache 1.3.14 >Description: before a CGI under /cgi-bin/ is called, both the cgi and the directory must be set to UID/GID equal to userid/grpid. if the cgi was changed by user, there will be securerity problem. On vitual host runing php, the php was compiled by root, If the owner of php was set to root.usergrpid, and chmod 710, the php cgi can not be changed by user to avoid securerity problem. plase check. thanks! >How-To-Repeat: >Fix: >Release-Note: >Audit-Trail: State-Changed-From-To: open-closed State-Changed-By: fanf State-Changed-When: Thu Jan 18 15:35:11 PST 2001 State-Changed-Why: If CGI security matters for you then please read the documentation for suexec. http://httpd.apache.org/docs/suexec.html Thanks for using Apache! >Unformatted: [In order for any reply to be added to the PR database, you need] [to include in the Cc line and make sure the] [subject line starts with the report component and number, with ] [or without any 'Re:' prefixes (such as "general/1098:" or ] ["Re: general/1098:"). If the subject doesn't match this ] [pattern, your message will be misfiled and ignored. The ] ["apbugs" address is not added to the Cc line of messages from ] [the database automatically because of the potential for mail ] [loops. If you do not include this Cc, your reply may be ig- ] [nored unless you are responding to an explicit request from a ] [developer. Reply only with text; DO NOT SEND ATTACHMENTS! ]