>Number: 922
>Category: config
>Synopsis: it is useful to allow specification that root-owned symlinks
>should always be followed
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: apache (Apache HTTP Project)
>State: open
>Class: change-request
>Submitter-Id: apache
>Arrival-Date: Sun Jul 27 15:40:01 1997
>Originator: [EMAIL PROTECTED]
>Organization:
apache
>Release: 1.2 and lower
>Environment:
This applies to Apache HTTPD on any UNIX system with symbolic links
>Description:
The ability to disallow following symlinks unless the owner of the symlink
matches the owner of the target file is good for security but unfortunately
this causes problems when root restores symlinks from tape or when amd/automount
creates symlinks to places not owned by root. For every release of Apache
httpd, I have to add one line to http_request.c that says that symlinks owned
by root should be followed without checking the ownership of the target.
I believe that this would be useful for others and that a new option, perhaps
SymLinkIfOwnerRoot
should be added to the list of options for <Directory> (and maybe <Location>)
so that this can be controlled from the config file (or files).
I offered to supply code to do this (or whatever similar capability was
more generally acceptable) early in the 1.2beta period. At that time, I
was told that it was too late to add this in 1.2 and that I should resubmit
this idea for consideration when 1.3 discussions began. I take the release
of 1.3a1 as a sign that 1.3 discussions have begun.
A larger change would be to change FollowSymLinks from an option to a
declaration that would cover
* following all symlinks
* following no symlinks
* following symlinks if owners match
* following symlinks owned by a specified list of users
* a combination of the previous two
>How-To-Repeat:
>Fix:
>Audit-Trail:
>Unformatted:
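
The ownership check and the proposed exceptions described in this report, sketched in C as an added example. It is not Apache's code or the submitter's patch. The names symlink_policy, policy_allows, may_follow and the FOLLOW_* flags are hypothetical, and the sketch covers the general "list of users" form from the bullet list, of which root-owned links are the single-entry case.

```c
#define _XOPEN_SOURCE 700        /* lstat() and S_ISLNK under strict -std */
#include <stddef.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Hypothetical policy bits mirroring the bullet list in the report. */
enum {
    FOLLOW_NONE        = 0,
    FOLLOW_ALL         = 1 << 0,
    FOLLOW_OWNER_MATCH = 1 << 1, /* link owner == target owner */
    FOLLOW_TRUSTED_UID = 1 << 2  /* link owner is in a trusted list */
};

struct symlink_policy {
    unsigned     flags;
    const uid_t *trusted;        /* e.g. {0} for "root-owned links" */
    size_t       ntrusted;
};

/* Pure decision on the two owners: 1 = follow, 0 = refuse. */
int policy_allows(const struct symlink_policy *p, uid_t link_uid, uid_t target_uid)
{
    if (p->flags & FOLLOW_ALL)
        return 1;
    if ((p->flags & FOLLOW_OWNER_MATCH) && link_uid == target_uid)
        return 1;
    if (p->flags & FOLLOW_TRUSTED_UID)
        for (size_t i = 0; i < p->ntrusted; i++)
            if (p->trusted[i] == link_uid)
                return 1;
    return 0;
}

/* Filesystem wrapper: 1 = follow, 0 = refuse, -1 = stat error.
 * lstat() describes the link itself, stat() the file it resolves to.
 * The check and a later open() are separate steps, so the answer is only
 * as good as the directory permissions that stop the link being swapped. */
int may_follow(const char *path, const struct symlink_policy *p)
{
    struct stat lnk, tgt;

    if (lstat(path, &lnk) != 0)
        return -1;
    if (!S_ISLNK(lnk.st_mode))
        return 1;                /* not a symlink: nothing to decide */
    if (stat(path, &tgt) != 0)
        return -1;               /* dangling link or unreadable target */
    return policy_allows(p, lnk.st_uid, tgt.st_uid);
}
```

A trusted-owner entry only makes sense for accounts whose links are created by administrative action (restores, the automounter), since any link such an account owns is followed regardless of who owns the target.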