Ok, I'm doing something that every piece of documentation I've seen says I
absolutely should not do. I'm considering modifying the security model for
suEXEC on Apache. I've combed Apache's main site and done several
different searches at google without any real results. I would greatly
appreciate it if someone could tell me if I am at least headed in the
right direction or have completely fallen off my rocker.
My problem is the DOC_ROOT setting for virtual hosts. I need it to be
somewhat variable because I have several virtual hosts that need to exist
outside of the main server's docroot. (In users' home directories.)
In suexec.c I found the following after suexec switches to the target
user:
    if (userdir) {
        if (((chdir(target_homedir)) != 0) ||
            ((chdir(USERDIR_SUFFIX)) != 0) ||
            ((getcwd(dwd, AP_MAXPATH)) == NULL) ||
            ((chdir(cwd)) != 0)) {
            log_err("emerg: cannot get docroot information (%s)\n",
                    target_homedir);
            exit(112);
        }
    }
    else {
        if (((chdir(DOC_ROOT)) != 0) ||
            ((getcwd(dwd, AP_MAXPATH)) == NULL) ||
            ((chdir(cwd)) != 0)) {
            log_err("emerg: cannot get docroot information (%s)\n", DOC_ROOT);
            exit(113);
        }
    }
A quick explanation:
userdir is a switch that is set during the test to see if the URL is a
user directory url (i.e. /~username/whatever).
target_homedir is the home directory that is retrieved from the password
file while suexec was running as root.
USERDIR_SUFFIX is the --suexec-userdir option macro that is set at compile
time for Apache.
What I want to change it to is:
    if (((chdir(target_homedir)) != 0) ||
        ((chdir(USERDIR_SUFFIX)) != 0) ||
        ((getcwd(dwd, AP_MAXPATH)) == NULL) ||
        ((chdir(cwd)) != 0)) {
        log_err("emerg: cannot get docroot information (%s)\n",
                target_homedir);
        exit(112);
    }
This would force suexec to only operate (in my config's case) in
/home/user/public_html/cgi-bin at all times.
The only caveat I see here is that I will break the default server's CGI
access (not a real problem.)
I am probably missing something here as this seems too simple a fix for
this type of problem. Anyone willing to give me a sharp kick about this?
______________________________________________________________________
Philadelphia Linux Users Group - http://www.phillylinux.org
Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce
General Discussion - http://lists.phillylinux.org/mail/listinfo/plug