Bug#423638: marked as done (apache2.2-common: a2enmod uses relative path instead of absolute)

To: Stefan Fritsch <sf@debian.org>
Subject: Bug#423638: marked as done (apache2.2-common: a2enmod uses relative path instead of absolute)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Sat, 23 Jun 2007 19:09:03 +0000
Message-id: <[🔎] handler.423638.D423638.118262569325954.ackdone@bugs.debian.org>
References: <200706232108.11481.sf@debian.org> <4647265F.6010300@prometheus-designs.net>

Your message dated Sat, 23 Jun 2007 21:08:03 +0200
with message-id <200706232108.11481.sf@debian.org>
and subject line apache2.2-common: a2enmod uses relative path instead of absolute
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---

To: submit@bugs.debian.org
Cc: debian-apache@lists.debian.org
Subject: apache2.2-common: a2enmod uses relative path instead of absolute
From: Alan LeVee <alan.levee@prometheus-designs.net>
Date: Sun, 13 May 2007 10:53:19 -0400
Message-id: <4647265F.6010300@prometheus-designs.net>
Reply-to: alan.levee@prometheus-designs.net

Package: apache2.2-common
Version: 2.2.3-4
Severity: Minor

The shell script `a2enmod` uses a relative path instead of an absolute
path when enabling modules. This is minor security concern as it could
cause any potential problems whilst running Apache by allowing path
traversal.

The following patch to fix the problem is included:

--- a2enmod     2007-05-13 10:46:21.000000000 -0400
+++ a2enmod.new 2007-05-13 10:46:42.000000000 -0400
@@ -43,7 +43,7 @@
 for i in conf load; do
         if [ -e $SYSCONFDIR/mods-available/$MODNAME.$i -a ! -e
$SYSCONFDIR/mods-enabled/$MODNAME.$i ]; then
         cd $SYSCONFDIR/mods-enabled;
-        ln -sf ../mods-available/$MODNAME.$i $MODNAME.$i;
+        ln -sf $SYSCONFDIR/mods-available/$MODNAME.$i $MODNAME.$i;
         fi
 done

As I said, this is a minor issue and probably trivial but I'm rather
uncomfortable with the fact that it uses a relative path rather than an
absolute one like a2ensite.

--- End Message ---

--- Begin Message ---

To: 423638-done@bugs.debian.org, 423638-submitter@bugs.debian.org

Subject: apache2.2-common: a2enmod uses relative path instead of absolute

From: Stefan Fritsch <sf@debian.org>

Date: Sat, 23 Jun 2007 21:08:03 +0200

Message-id: <200706232108.11481.sf@debian.org>
I agree that this is a purely aesthetic issue. There might even be 
reasons to use relative paths in the links (like running several 
apache instances with the config dir copied). Therefore, we will not 
change this.
Attachment: pgpMuE_vBAfVU.pgp
Description: PGP signature

--- End Message ---

Reply to:

Prev by Date: Processed: tagging 350286
Next by Date: Processed: bug 294648 is forwarded to http://issues.apache.org/bugzilla/show_bug.cgi?id=14090
Previous by thread: Processed: tagging 350286
Next by thread: Processed: bug 294648 is forwarded to http://issues.apache.org/bugzilla/show_bug.cgi?id=14090
Index(es):
- Date
- Thread