Bug#63974: marked as done (apache-common: Suexec doesnt go if userdir is not public_html)

To: Fabio Massimo Di Nitto <fabbione@fabbione.net>
Cc: Debian Apache Maintainers <debian-apache@lists.debian.org>
Subject: Bug#63974: marked as done (apache-common: Suexec doesnt go if userdir is not public_html)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Tue, 18 Nov 2003 23:18:05 -0600
Message-id: <[🔎] handler.63974.D63974.10692184038449.ackdone@bugs.debian.org>
In-reply-to: <Pine.LNX.4.58.0311190603580.20321@trider-g7.ext.fabbione.net>
References: <Pine.LNX.4.58.0311190603580.20321@trider-g7.ext.fabbione.net> <200005111702.TAA09395@kraus.gsi.dit.upm.es>

Your message dated Wed, 19 Nov 2003 06:06:38 +0100 (CET)
with message-id <Pine.LNX.4.58.0311190603580.20321@trider-g7.ext.fabbione.net>
and subject line upstream report
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 11 May 2000 17:08:46 +0000
>From anieto@gsi.dit.upm.es Thu May 11 12:08:45 2000
Received: from fortuny.gsi.dit.upm.es [138.4.54.4] 
	by master.debian.org with esmtp (Exim 3.12 #2 (Debian))
	id 12pwRy-0007XZ-00; Thu, 11 May 2000 12:08:40 -0500
Received: from kraus.gsi.dit.upm.es (root@kraus.gsi.dit.upm.es [138.4.54.38])
	by fortuny.gsi.dit.upm.es (8.9.1/8.9.1) with ESMTP id TAA23553;
	Thu, 11 May 2000 19:07:31 +0200 (MET DST)
From: "Amalio F. Nieto Serrano" <anieto@gsi.dit.upm.es>
Received: (from anieto@localhost)
	by kraus.gsi.dit.upm.es (8.9.3/8.9.3/Debian/GNU) id TAA09395;
	Thu, 11 May 2000 19:02:42 +0200
Date: Thu, 11 May 2000 19:02:42 +0200
Message-Id: <200005111702.TAA09395@kraus.gsi.dit.upm.es>
Subject: apache-common: Suexec doesnt go if userdir is not public_html
To: submit@bugs.debian.org
X-Mailer: bug 3.2.10
Delivered-To: submit@bugs.debian.org

Package: apache-common
Version: 1.3.9-13.1
Severity: normal

 If userdirs are set in apache to something else than public_html (for
 example lib/www) suexec will fail to work giving a 
 [2000-05-11 18:56:46]: cannot get docroot information (/usr/home/garfield)
 Looking at suEXEC sources it seems that it has hardcoded the public_html
 directory as the way to look for user dirs... if you set a 
 ln -s ~/lib/www public_html 
 suexec will work fine.

 Please move suEXEC info on userdirs to a config file, or make it retrieve
 it from apache's info (access.conf) on execution.

 Regards

 Amalio

-- System Information
Debian Release: 2.2
Kernel Version: Linux kraus 2.2.13 #1 Sun Jan 30 09:02:43 CET 2000 i686 unknown

Versions of the packages apache-common depends on:
ii  libc6          2.1.3-7        GNU C Library: Shared libraries and Timezone
ii  libdb2         2.4.14-2.7.7.1 The Berkeley database routines (run-time fil
ii  libgdbmg1      1.7.3-26.2     GNU dbm database routines (runtime version).
ii  perl-5.004     5.004.05-6     Larry Wall's Practical Extracting and Report
	^^^ (Provides virtual package perl5)
perl	Not installed or no info

---------------------------------------
Received: (at 63974-done) by bugs.debian.org; 19 Nov 2003 05:06:43 +0000
>From fabbione@fabbione.net Tue Nov 18 23:06:43 2003
Return-path: <fabbione@fabbione.net>
Received: from port5.ds1-sby.adsl.cybercity.dk (trider-g7.fabbione.net) [212.242.169.198] 
	by master.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1AMKY3-0002B5-00; Tue, 18 Nov 2003 23:06:40 -0600
Received: from trider-g7.ext.fabbione.net (port5.ds1-sby.adsl.cybercity.dk [212.242.169.198])
	by trider-g7.fabbione.net (Postfix) with ESMTP id D9F6A16;
	Wed, 19 Nov 2003 06:06:38 +0100 (CET)
Date: Wed, 19 Nov 2003 06:06:38 +0100 (CET)
From: Fabio Massimo Di Nitto <fabbione@fabbione.net>
Sender: fabbione@trider-g7.ext.fabbione.net
To: 63974-done@bugs.debian.org, 63975-done@bugs.debian.org,
	68990-done@bugs.debian.org, 72695-done@bugs.debian.org
Subject: upstream report
Message-ID: <Pine.LNX.4.58.0311190603580.20321@trider-g7.ext.fabbione.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=iso-8859-1
Content-Transfer-Encoding: QUOTED-PRINTABLE
Delivered-To: 63974-done@bugs.debian.org
X-Spam-Status: No, hits=0.0 required=4.0
	tests=none
	version=2.53-bugs.debian.org_2003_11_15
X-Spam-Level: 
X-Spam-Checker-Version: SpamAssassin 2.53-bugs.debian.org_2003_11_15 (1.174.2.15-2003-03-30-exp)


Hi all,
=09upstream has decided NOT to fix this problems due to security
issue implied in doing so.

Quoting from: http://nagoya.apache.org/bugzilla/show_bug.cgi?id=3D24218

------- Additional Comments From Andr=E9 Malo 2003-10-29 14:55 -------

Sorry, this behaviour won't be changed. All parameters can be configured
at compile time. Since suexec is setuid root, every runtime config stuff
would be quite dangerous.

Therefor i am closing these Debian bugs.

Thanks
Fabio

--=20
Our mission: make IPv6 the default IP protocol
"We are on a mission from God" - Elwood Blues

http://www.itojun.org/paper/itojun-nanog-200210-ipv6isp/mgp00004.html

Reply to:

Prev by Date: Processed: reassign
Next by Date: Bug#63975: marked as done (apache-common: suEXEC does not work correctly)
Previous by thread: Processed: reassign
Next by thread: Bug#63975: marked as done (apache-common: suEXEC does not work correctly)
Index(es):
- Date
- Thread