Bug#72695: marked as done (Apache: Not possible to execute CGI-Sripte in ~userdir)
Your message dated Wed, 19 Nov 2003 06:06:38 +0100 (CET)
with message-id <Pine.LNX.4.58.0311190603580.20321@trider-g7.ext.fabbione.net>
and subject line upstream report
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 28 Sep 2000 14:15:22 +0000
>From h.kreiser@gsi.de Thu Sep 28 09:15:22 2000
Return-path: <h.kreiser@gsi.de>
Received: from wnt006.gsi.de (WNTMAILSV.gsi.de) [::ffff:140.181.106.209]
by master.debian.org with esmtp (Exim 3.12 1 (Debian))
id 13eeT3-0004XQ-00; Thu, 28 Sep 2000 09:15:21 -0500
Received: from gsi.de (lxi000.gsi.de [140.181.102.55]) by WNTMAILSV.gsi.de with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2650.10)
id RCZSVQZJ; Thu, 28 Sep 2000 16:15:18 +0200
Sender: kreiser
Message-ID: <39D35276.B46E7DFC@gsi.de>
Date: Thu, 28 Sep 2000 16:15:18 +0200
From: Helmut Kreiser <h.kreiser@gsi.de>
Organization: GSI -Darmstadt, Division DV/EE
X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.17 i686)
X-Accept-Language: en
MIME-Version: 1.0
To: submit@bugs.debian.org
Subject: Apache: Not possible to execute CGI-Sripte in ~userdir
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Delivered-To: submit@bugs.debian.org
Package: Apache
Version: 1.3.9-13.1
It is not possible, to execute .cgi scripte in ~userdir
(http://server/~user/all.cgi)
If i define the dir in Apache to get direct access, all scripts works well
(http://server/user/all.cgi)
Configuration Part from apache:
# User dir definition (~user)
Userdir /www/*/web-docs
# Direct access
Alias /user/ "/www/user/web-docs/"
Alias /user "/www/user/web-docs/"
<Directory /www/user/web-docs>
</Directory>
Error Text:
-------------
Internal Server Error
The server encountered an internal error or misconfiguration and was unable
to complete your request.
Please contact the server administrator, h.kreiser@gsi.de and inform them of
the time the error occurred, and anything you might have done that may have
caused the error.
More information about this error may be available in the server error log.
--------------
Error message from log-file:
[Thu Sep 28 16:09:32 2000] [error] [client 140.181.102.55] Premature end of
script headers: /www/kreiser/web-docs/all.cgi
------------------
This works in previous installed apache version 1.3.4
We are using Debian 2.2, Kernel 2.2.17
libc-2.1.3
This is perl, version 5.005_03 built for i386-linux
Hardware is Intel PIII, 450 MHz
Best regards
Helmut Kreiser
--
------------------------------------------------------------------------
G S I -- Gesellschaft fuer Schwerionenforschung
Dr. Helmut Kreiser e-Mail: h.kreiser@gsi.de
-DV&EE- Computing
System Manager DEC/OpenVMS and Linux
Bldg. Sued C, 1.251
Planckstr.1 Tel.: 49-(0)6159-71-2517
D-64291 Darmstadt Fax.: 49-(0)6159-71-2986
------------------------------------------------------------------------
---------------------------------------
Received: (at 63974-done) by bugs.debian.org; 19 Nov 2003 05:06:43 +0000
>From fabbione@fabbione.net Tue Nov 18 23:06:43 2003
Return-path: <fabbione@fabbione.net>
Received: from port5.ds1-sby.adsl.cybercity.dk (trider-g7.fabbione.net) [212.242.169.198]
by master.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1AMKY3-0002B5-00; Tue, 18 Nov 2003 23:06:40 -0600
Received: from trider-g7.ext.fabbione.net (port5.ds1-sby.adsl.cybercity.dk [212.242.169.198])
by trider-g7.fabbione.net (Postfix) with ESMTP id D9F6A16;
Wed, 19 Nov 2003 06:06:38 +0100 (CET)
Date: Wed, 19 Nov 2003 06:06:38 +0100 (CET)
From: Fabio Massimo Di Nitto <fabbione@fabbione.net>
Sender: fabbione@trider-g7.ext.fabbione.net
To: 63974-done@bugs.debian.org, 63975-done@bugs.debian.org,
68990-done@bugs.debian.org, 72695-done@bugs.debian.org
Subject: upstream report
Message-ID: <Pine.LNX.4.58.0311190603580.20321@trider-g7.ext.fabbione.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=iso-8859-1
Content-Transfer-Encoding: QUOTED-PRINTABLE
Delivered-To: 63974-done@bugs.debian.org
X-Spam-Status: No, hits=0.0 required=4.0
tests=none
version=2.53-bugs.debian.org_2003_11_15
X-Spam-Level:
X-Spam-Checker-Version: SpamAssassin 2.53-bugs.debian.org_2003_11_15 (1.174.2.15-2003-03-30-exp)
Hi all,
=09upstream has decided NOT to fix this problems due to security
issue implied in doing so.
Quoting from: http://nagoya.apache.org/bugzilla/show_bug.cgi?id=3D24218
------- Additional Comments From Andr=E9 Malo 2003-10-29 14:55 -------
Sorry, this behaviour won't be changed. All parameters can be configured
at compile time. Since suexec is setuid root, every runtime config stuff
would be quite dangerous.
Therefor i am closing these Debian bugs.
Thanks
Fabio
--=20
Our mission: make IPv6 the default IP protocol
"We are on a mission from God" - Elwood Blues
http://www.itojun.org/paper/itojun-nanog-200210-ipv6isp/mgp00004.html
Reply to: