Bug#357561: Fix with patch
tags 357561 +patch
thanks
Replacing 033_-F_NO_SETSID with the attached patch which allows setsid()
to fail when do_detach == 0 should retain the fix for #244857 while also
closing the local root hole present with 033_-F_NO_SETSID.
514_nice_proxy_cache_cleanup also needs updating as it patches against
the same file (also attached).
I have prepared an NMU with the attached patches, which can be found at
http://mjj29.matthew.ath.cx/debian-upload/apache/. I hope that the RMs
will consider this change for etch as it closes a potential (if not
high-priority) root exploit in our apache package. I am not a DD, so I
shall be looking for a sponsor to upload this package if the apache
maintenance team don't do so first.
Matt
--
Matthew Johnson
http://www.matthew.ath.cx/
diff -Naurd build-tree.orig/apache_1.3.34/src/main/http_main.c build-tree/apache_1.3.34/src/main/http_main.c
--- build-tree.orig/apache_1.3.34/src/main/http_main.c 2005-04-05 13:21:33.000000000 +0100
+++ build-tree/apache_1.3.34/src/main/http_main.c 2007-02-23 10:26:42.419661192 +0000
@@ -3451,7 +3451,10 @@
if (!do_detach)
fprintf(stderr, "setsid() failed probably because you aren't "
"running under a process management tool like daemontools\n");
- exit(1);
+ /* Don't exit because of setsid() when we aren't
+ * detaching, it fails then anyway. */
+ else
+ exit(1);
}
#elif defined(NEXT) || defined(NEWSOS)
if (setpgrp(0, getpid()) == -1 || (pgrp = getpgrp(0)) == -1) {
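Review bot: in the new non-detach path of this hunk a failed setsid() is no longer fatal, so execution leaves the block with the failure unhandled; the condition line is outside the hunk, so please confirm that nothing later relies on a value it assigned (the NEXT/NEWSOS branch just below stores its result in pgrp) being a valid process group rather than -1. The `else` that follows an unbraced `if (!do_detach) fprintf(...)` with a comment wedged between the two arms is easy to misread and easy to break in a later edit; brace both arms, e.g. `if (!do_detach) { fprintf(...); } else { exit(1); }`, and move the comment inside the first arm. The message text still reads as a hard error although in that case it is now only a warning.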
diff -Naurd build-tree.orig/apache_1.3.34/src/modules/proxy/proxy_cache.c build-tree/apache_1.3.34/src/modules/proxy/proxy_cache.c
--- build-tree.orig/apache_1.3.34/src/modules/proxy/proxy_cache.c 2007-02-23 11:00:19.641729000 +0000
+++ build-tree/apache_1.3.34/src/modules/proxy/proxy_cache.c 2007-02-23 11:01:29.490094942 +0000
@@ -191,6 +191,7 @@
case 0: /* Child */
/* The setpgrp() stuff was snarfed from http_main.c */
+ nice(10);
#ifndef NO_SETSID
if ((pgrp = setsid()) == -1) {
perror("setsid");
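Review bot: the added `nice(10);` in the child case ignores its return value and sits between the existing comment "The setpgrp() stuff was snarfed from http_main.c" and the `#ifndef NO_SETSID` code that comment describes, so the comment now appears to annotate the wrong statement. Place the call above that comment with its own one-line comment saying why the cleanup child is deprioritised and why the value is 10, and either check the result (clearing errno first, since -1 can be a legitimate return from nice()) or state that failure is deliberately ignored.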