Re: [suPHP] Directory Owner checks

Sun, 31 May 2009 06:20:45 -0700 

I've written a patch for 0.7.1 to allow you to disable the check in  
the config file, this disables the owner check on the parent dirs  
only, all other checls are kept

to disable the check, put the following in your config file

check_parent_owner=false

--- src/Application.cpp 2009-03-15 04:55:25.000000000 +1100
+++ /var/root/Application.cpp   2009-05-31 22:54:16.000000000 +1000
@@ -548,7 +548,8 @@
          directory = directory.getParentDirectory();

          UserInfo directoryOwner = directory.getUser();
-        if (directoryOwner != owner && !directoryOwner.isSuperUser()) {
+        if (config.getCheckParentOwner()
+           && directoryOwner != owner && !directoryOwner.isSuperUser()) {
              std::string error = "Directory " + directory.getPath()
                  + " is not owned by " + owner.getUsername();
              logger.logWarning(error);
--- src/Configuration.cpp       2008-03-30 00:02:36.000000000 +1100
+++ /var/root/Configuration.cpp 2009-05-31 22:54:16.000000000 +1000
@@ -112,6 +112,7 @@
  #endif
      this->umask = 0077;
      this->chroot_path = "";
+    this->check_parent_owner = true;
  }

  void suPHP::Configuration::readFromFile(File& file)
@@ -157,6 +158,8 @@
                  this->umask = Util::octalStrToInt(value);
              else if (key == "chroot")
                  this->chroot_path = value;
+            else if (key == "check_parent_owner")
+                this->check_parent_owner = this->strToBool(value);
              else
                  throw ParsingException("Unknown option \"" + key +
                                         "\" in section [global]",
@@ -250,3 +253,7 @@
  std::string suPHP::Configuration::getChrootPath() const {
      return this->chroot_path;
  }
+
+bool suPHP::Configuration::getCheckParentOwner() const {
+    return this->check_parent_owner;
+}
--- src/Configuration.hpp       2008-03-30 00:02:36.000000000 +1100
+++ /var/root/Configuration.hpp 2009-05-31 22:54:16.000000000 +1000
@@ -51,6 +51,7 @@
          bool allow_directory_others_writeable;
          bool check_vhost_docroot;
          bool errors_to_browser;
+       bool check_parent_owner;
          std::string env_path;
          std::map<std::string, std::string> handlers;
          LogLevel loglevel;
@@ -166,6 +167,11 @@
           * Return chroot path
           */
          std::string getChrootPath() const;
+       
+       /**
+        * Return check if parent dirs owner match
+        */
+       bool getCheckParentOwner() const;
      };
  };

--- doc/suphp.conf-example      2008-04-01 06:14:47.000000000 +1100
+++ /var/root/suphp.conf-example        2009-05-31 23:00:43.000000000 +1000
@@ -38,6 +38,8 @@
  ; Minimum GID
  min_gid=100

+; Check parent dir ownership
+check_parent_owner=true

  [handlers]
  ;Handler for php-scripts


On 31/05/2009, at 10:03 PM, Dave D wrote:

> Hey Guys,
>
> Moving from 0.6.2 to 0.7.1 I noticed errors saying that the directory
> owner of the parent directory is not the same as the directory I'm
> trying to access.
>
> Due to the setup of my site, this is neccesary, and I'm wondering if
> there's any way to disable this option?
>
> Regards.
> --Matt
>
> _______________________________________________
> suPHP mailing list
> suPHP@lists.marsching.biz
> http://lists.marsching.com/mailman/listinfo/suphp


_______________________________________________
suPHP mailing list
suPHP@lists.marsching.biz
http://lists.marsching.com/mailman/listinfo/suphp

Reply via email to