general/2031: logs incorrectly handled

3 Apr 1998 08:20:03 -0000 

>Number:         2031
>Category:       general
>Synopsis:       logs incorrectly handled
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Fri Apr  3 00:20:01 PST 1998
>Last-Modified:
>Originator:     [EMAIL PROTECTED]
>Organization:
apache
>Release:        1.2.5
>Environment:
Redhat linux 4.2, 2.0.33, gcc 2.7.2.1
>Description:
>From userspace with a virtual domain in your home directory:

rm error.log ; touch error.log; chmod 606 error.log

Go to http://whatever/thisurlcausesa404error.html

Apache dumps binary data to error.log for the virt dom to the last size of the
file, then appends data normally.

For example:
shell.one.net (deadlock,7668): touch error.log; chmod 606 error.log
shell.one.net (deadlock,7668): ls -l
total 40
drwxr-xrwx   3 deadlock users        1024 Apr  3 03:11 .
drwxr-xr-x   9 deadlock www          1024 Mar  9 13:26 ..
drwx------   2 deadlock users        1024 Apr  3 02:25 archive
-rw----rw-   1 deadlock users           0 Apr  3 03:11 error.log
-rw----rw-   1 deadlock users       36212 Apr  3 02:19 transfer.log

http://www.jihad.net/thisisa404urlbecauseitisnotontheserver.html

shell.one.net (deadlock,7668): ls -l
total 43
drwxr-xrwx   3 deadlock users        1024 Apr  3 03:11 .
drwxr-xr-x   9 deadlock www          1024 Mar  9 13:26 ..
drwx------   2 deadlock users        1024 Apr  3 02:25 archive
-rw----rw-   1 deadlock users      297526 Apr  3 03:12 error.log
-rw----rw-   1 deadlock users       36212 Apr  3 02:19 transfer.log

Error log is now the size it used to be before being removed.  error.log is
binary data, selecting another 404 URL..

With netscape: http://www.jihad.net/this_is_also_404.html

Cut the binary, what is at the end of error.log:

[Fri Apr  3 03:13:25 1998] File does not exist: /home/d/e/deadlock/web-public/Ji
had//this_is_also_404.html

This is more an annoyance bug than anything else, but could be a hassle if
the site admin is concerns with tracking errors or eliminated error.log for
disk space concerns.
>How-To-Repeat:
Yes, any 404 off www.jihad.net/
>Fix:
Allow apache to write to log files without needing a hup, or edit source to
enforce no-writes until a hup
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, ]
[you need to include <[EMAIL PROTECTED]> in the Cc line ]
[and leave the subject line UNCHANGED.  This is not done]
[automatically because of the potential for mail loops. ]

Reply via email to