Bug#785740: apache2-suexec-custom always reads www-data config

To: submit@bugs.debian.org
Subject: Bug#785740: apache2-suexec-custom always reads www-data config
From: muench_horst@web.de
Date: Tue, 19 May 2015 20:39:54 +0200
Message-id: <[🔎] trinity-0acd157b-9665-4b04-aaba-8198609a8f5d-1432060794490@3capp-webde-bs24>
Reply-to: muench_horst@web.de, 785740@bugs.debian.org

Package: apache2-suexec-custom
Version: 2.4.10-10


The apache2-suexec-custom manpage says that suexec will read the calling user's /etc/apache2/suexec/username configuration file. Unfortunately, the calling user is always www-data, so it always ends up reading /etc/apache2/suexec/www-data regardless of the owner of the script being executed.

I think this is because the configuration filename is obtained by

asprintf(&filename, SUEXEC_CONFIG_DIR "%s", pw->pw_name)

where pw comes from

     uid = getuid();
     if ((pw = getpwuid(uid)) == NULL) {

right at the beginning of main() when uid is still that of www-data. It should be obtained from target_uname instead.

$ uname -v
#1 SMP Debian 3.16.7-ckt9-3~deb8u1 (2015-04-24)

Reply to:

Follow-Ups:
- Bug#785740: marked as done (apache2-suexec-custom always reads www-data config)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#785729: apache2: certificate revocation list checking is not working with default configuration from default-ssl.conf
Next by Date: Bug#779359: Not just SquirrelMail
Previous by thread: Bug#785729: apache2: certificate revocation list checking is not working with default configuration from default-ssl.conf
Next by thread: Bug#785740: marked as done (apache2-suexec-custom always reads www-data config)
Index(es):
- Date
- Thread