Bug#63975: marked as done (apache-common: suEXEC does not work correctly)

To: Fabio Massimo Di Nitto <fabbione@fabbione.net>
Cc: Debian Apache Maintainers <debian-apache@lists.debian.org>
Subject: Bug#63975: marked as done (apache-common: suEXEC does not work correctly)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Tue, 18 Nov 2003 23:18:05 -0600
Message-id: <[🔎] handler.63975.D63974.10692184038449.ackdone@bugs.debian.org>
In-reply-to: <Pine.LNX.4.58.0311190603580.20321@trider-g7.ext.fabbione.net>
References: <Pine.LNX.4.58.0311190603580.20321@trider-g7.ext.fabbione.net> <m12pwTv-000JifC@cabezon.gsi.dit.upm.es>

Your message dated Wed, 19 Nov 2003 06:06:38 +0100 (CET)
with message-id <Pine.LNX.4.58.0311190603580.20321@trider-g7.ext.fabbione.net>
and subject line upstream report
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 11 May 2000 17:11:00 +0000
>From jfs@gsi.dit.upm.es Thu May 11 12:11:00 2000
Received: from fortuny.gsi.dit.upm.es [138.4.54.4] 
	by master.debian.org with esmtp (Exim 3.12 #2 (Debian))
	id 12pwUC-0007sz-00; Thu, 11 May 2000 12:10:58 -0500
Received: from cabezon.gsi.dit.upm.es (cabezon.gsi.dit.upm.es [138.4.54.31])
	by fortuny.gsi.dit.upm.es (8.9.1/8.9.1) with ESMTP id TAA23620;
	Thu, 11 May 2000 19:10:41 +0200 (MET DST)
Received: by gsi.dit.upm.es
	via sendmail from stdin
	id <m12pwTv-000JifC@cabezon.gsi.dit.upm.es> (Debian Smail3.2.0.102)
	for submit@bugs.debian.org; Thu, 11 May 2000 19:10:39 +0200 (CEST) 
Message-Id: <m12pwTv-000JifC@cabezon.gsi.dit.upm.es>
Date: Thu, 11 May 2000 19:10:39 +0200 (CEST)
From: <jfs@gsi.dit.upm.es>
Subject: apache-common: suEXEC does not work correctly
To: submit@bugs.debian.org
X-Mailer: bug 3.2.10
Delivered-To: submit@bugs.debian.org

Package: apache-common
Version: 1.3.9-12
Severity: normal

	If user directory in Apache is not set to public_html (for example
if set to lib/www) suEXEC will fail with a "cannot get docroot directory).
Looking at the sources it seems that suEXEC (suexec.h) has the USER_DIR
hardcoded to public_html.
	A fix is to do a 
ln -s ~/lib/www public_html
	So suEXEC can find the dir it looks for.
	However a *real* fix would be needed in order for suEXEC to take the
USER_DIR from apache's srm.conf instead of being hard-coded in it

	Regards

	Javi


-- System Information
Debian Release: 2.2
Kernel Version: Linux cabezon 2.2.13 #1 Sat Nov 20 12:44:19 EST 1999 i686 unknown

Versions of the packages apache-common depends on:
ii  libc6          2.1.3-7        GNU C Library: Shared libraries and Timezone
ii  libdb2         2.4.14-9       The Berkeley database routines (run-time fil
ii  libgdbmg1      1.7.3-26.2     GNU dbm database routines (runtime version).
perl	Not installed or no info
ii  perl-5.004     5.004.05-6     Larry Wall's Practical Extracting and Report
	^^^ (Provides virtual package perl5)

---------------------------------------
Received: (at 63974-done) by bugs.debian.org; 19 Nov 2003 05:06:43 +0000
>From fabbione@fabbione.net Tue Nov 18 23:06:43 2003
Return-path: <fabbione@fabbione.net>
Received: from port5.ds1-sby.adsl.cybercity.dk (trider-g7.fabbione.net) [212.242.169.198] 
	by master.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1AMKY3-0002B5-00; Tue, 18 Nov 2003 23:06:40 -0600
Received: from trider-g7.ext.fabbione.net (port5.ds1-sby.adsl.cybercity.dk [212.242.169.198])
	by trider-g7.fabbione.net (Postfix) with ESMTP id D9F6A16;
	Wed, 19 Nov 2003 06:06:38 +0100 (CET)
Date: Wed, 19 Nov 2003 06:06:38 +0100 (CET)
From: Fabio Massimo Di Nitto <fabbione@fabbione.net>
Sender: fabbione@trider-g7.ext.fabbione.net
To: 63974-done@bugs.debian.org, 63975-done@bugs.debian.org,
	68990-done@bugs.debian.org, 72695-done@bugs.debian.org
Subject: upstream report
Message-ID: <Pine.LNX.4.58.0311190603580.20321@trider-g7.ext.fabbione.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=iso-8859-1
Content-Transfer-Encoding: QUOTED-PRINTABLE
Delivered-To: 63974-done@bugs.debian.org
X-Spam-Status: No, hits=0.0 required=4.0
	tests=none
	version=2.53-bugs.debian.org_2003_11_15
X-Spam-Level: 
X-Spam-Checker-Version: SpamAssassin 2.53-bugs.debian.org_2003_11_15 (1.174.2.15-2003-03-30-exp)


Hi all,
=09upstream has decided NOT to fix this problems due to security
issue implied in doing so.

Quoting from: http://nagoya.apache.org/bugzilla/show_bug.cgi?id=3D24218

------- Additional Comments From Andr=E9 Malo 2003-10-29 14:55 -------

Sorry, this behaviour won't be changed. All parameters can be configured
at compile time. Since suexec is setuid root, every runtime config stuff
would be quite dangerous.

Therefor i am closing these Debian bugs.

Thanks
Fabio

--=20
Our mission: make IPv6 the default IP protocol
"We are on a mission from God" - Elwood Blues

http://www.itojun.org/paper/itojun-nanog-200210-ipv6isp/mgp00004.html

Reply to:

Prev by Date: Bug#63974: marked as done (apache-common: Suexec doesnt go if userdir is not public_html)
Next by Date: Bug#72695: marked as done (Apache: Not possible to execute CGI-Sripte in ~userdir)
Previous by thread: Bug#63974: marked as done (apache-common: Suexec doesnt go if userdir is not public_html)
Next by thread: Bug#72695: marked as done (Apache: Not possible to execute CGI-Sripte in ~userdir)
Index(es):
- Date
- Thread