>Number: 675
>Category: suexec
>Synopsis: Apache passes wrong value to suEXEC in regards to virtual hosts.
>Confidential: no
>Severity: critical
>Priority: medium
>Responsible: apache (Apache HTTP Project)
>State: open
>Class: sw-bug
>Submitter-Id: apache
>Arrival-Date: Wed Jun 4 14:10:01 1997
>Originator: [EMAIL PROTECTED]
>Organization: apache
>Release: 1.2b11
>Environment:
Linux 2.0.27
gcc 2.7.2
Apache 1.2b11
>Description:
We are attempting to use suEXEC on the latest version of Apache. I set up all the files, compiled it, set our virtual hosts, and the permissions. Created a directory off of the virtual hosts directory with a file.

    /home/web/systran/public_html/cgi/message.cgi

and on my directory:

    /home/hcst/bryan/public_html/cgi-bin/message.cgi

Calling message.cgi from my directory works fine, but not from www.systran.com (which is our virtual host). The virtual host directive has the User and Group options set in it. So, after much hair tearing, I took a look at what suEXEC is doing. It seems that apache is calling suEXEC as such:

    (http://www.hcst.com/~bryan/)   suexec ~bryan hcst blah blah blah

and

    (http://www.systran.com/)       suexec systran web blah blah blah

The problem is that suEXEC checks for the ~ at the beginning of the user name to determine whether it is off the user's root or the main web's root. Obviously, since Apache is not passing systran as ~systran, suEXEC is not recognizing this user as a sub user and is trying to find the file in the main web's root.

I haven't traced this into apache yet to know exactly why apache is doing this. I'm going to do that tomorrow. I should be able to provide more insight tomorrow.
>How-To-Repeat:
Not any real way I can think of offhand except by setting up a virtual host and trying to use suEXEC on it.
>Fix:
Take a look in apache. The problem appears to be that apache is passing an inconsistent value to suEXEC.
>Audit-Trail:
>Unformatted:
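
The check described in the report, modelled as an added C example (not code from the report or from Apache's suexec.c). The DOC_ROOT and USERDIR_SUFFIX values, the account table and all function names are assumptions; the home directories are inferred from the script paths in the report.

```c
#include <stdio.h>
#include <string.h>

/* Assumed build-time settings; the report does not give them. */
#define DOC_ROOT       "/usr/local/apache/htdocs"
#define USERDIR_SUFFIX "public_html"

/* Constructed stand-in for getpwnam(); homes inferred from the report's paths. */
struct account { const char *name; const char *home; };
static const struct account ACCOUNTS[] = {
    { "bryan",   "/home/hcst/bryan"  },
    { "systran", "/home/web/systran" },
};

static const char *home_of(const char *name) {
    for (size_t i = 0; i < sizeof ACCOUNTS / sizeof ACCOUNTS[0]; i++)
        if (strcmp(ACCOUNTS[i].name, name) == 0) return ACCOUNTS[i].home;
    return NULL;
}

/* Choose the root a script must live under: a leading '~' selects the
   user's own directory, anything else selects the server-wide DOC_ROOT. */
int pick_root(const char *user_arg, char *root, size_t len) {
    int userdir = (user_arg[0] == '~');
    const char *name = userdir ? user_arg + 1 : user_arg;
    const char *home = home_of(name);
    if (!home) return -1;                       /* unknown target user */
    if (userdir) snprintf(root, len, "%s/%s", home, USERDIR_SUFFIX);
    else         snprintf(root, len, "%s", DOC_ROOT);
    return 0;
}

/* 1 if dir equals root or sits beneath it (match ends on a path boundary). */
int is_under(const char *root, const char *dir) {
    size_t n = strlen(root);
    return strncmp(root, dir, n) == 0 && (dir[n] == '\0' || dir[n] == '/');
}

/* 1 if the script directory passes the root check for this user argument. */
int cgi_allowed(const char *user_arg, const char *script_dir) {
    char root[512];
    if (pick_root(user_arg, root, sizeof root) != 0) return 0;
    return is_under(root, script_dir);
}

int main(void) {
    printf("~bryan : %d\n", cgi_allowed("~bryan", "/home/hcst/bryan/public_html/cgi-bin"));
    printf("systran: %d\n", cgi_allowed("systran", "/home/web/systran/public_html/cgi"));
    return 0;
}
```

With the two invocations from the report, the `~bryan` request passes and the `systran` request is refused because its script directory is compared against DOC_ROOT instead of the account's own tree.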
