From nobody@hyperreal.org Tue Jul 8 08:04:07 1997 Received: (from nobody@localhost) by hyperreal.org (8.8.5/8.8.5) id IAA27918; Tue, 8 Jul 1997 08:04:07 -0700 (PDT) Message-Id: <199707081504.IAA27918@hyperreal.org> Date: Tue, 8 Jul 1997 08:04:07 -0700 (PDT) From: Lars Eilebrecht Reply-To: sfx@unix-ag.org To: apbugs@hyperreal.org Subject: Bogus error_log entry X-Send-Pr-Version: 3.2 >Number: 840 >Category: mod_include >Synopsis: #include cmd="/directory" should report a more meaningful error in the log >Confidential: no >Severity: non-critical >Priority: medium >Responsible: apache >State: closed >Class: change-request >Submitter-Id: apache >Arrival-Date: Tue Jul 8 08:10:02 1997 >Last-Modified: Sun Jul 20 21:05:41 PDT 1997 >Originator: sfx@unix-ag.org >Organization: >Release: 1.2.0 >Environment: Linux 2.0 i586 >Description: If someones uses (by mistake) something like this: the following entry appears in the error_log: "/bin/sh: /path/to/dir: is a directory" Without a leading date-entry and without a clue what include the invalid CGI reference contains. This also happens if the command is not executable (due to permissions). >How-To-Repeat: >Fix: Use stat on the supplied command-path and check permisions before calling /bin/sh >Audit-Trail: Synopsis-Changed-From: Bogus error_log entry Synopsis-Changed-To: #include cmd="/directory" should report a more meaningful error in the log Synopsis-Changed-By: coar Synopsis-Changed-When: Tue Jul 8 08:26:29 PDT 1997 Class-Changed-From-To: sw-bug-change-request Class-Changed-By: coar Class-Changed-When: Tue Jul 8 08:26:29 PDT 1997 State-Changed-From-To: open-closed State-Changed-By: brian State-Changed-When: Sun Jul 20 21:05:41 PDT 1997 State-Changed-Why: Improved error logging is coming to Apache; that should address your concern regarding trying to track down the source of that entry in the error log. Regarding checking what's passed to "cmd" by stat()'ing the file or something, that's tricky because /bin/sh can do many things with what's passed it on a command line; shell aliases are only one example. Thanks for your report! >Unformatted: