>Number: 2341 >Category: mod_rewrite >Synopsis: Permissions/Ownership of RewriteLock files prevent child >access and thus apache from starting up when they are used. >Confidential: no >Severity: serious >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Tue Jun 2 10:10:01 PDT 1998 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.3b7 >Environment: Linux 2.0.32, gcc 2.7.2 >Description: The file specified as the RewriteLock file for the RewriteMap I am using is being created with root as the owner, and -rw--r--r-- as the permissions when I start apache up (presumably by the parent httpd process). The children are then unable to access this, presumably as they have given up root privs.
The error message I get is: "mod_rewrite: Child could not open RewriteLock file /foo/file.lck" If - after the file has been created, and while the errors are being generated - I chmod a+w the file, the children stop complaining and everything works. >How-To-Repeat: Use a rewritelock for a rewrite map program, and have the user the children run as be anything other than the user apache started up as. >Fix: I guess setting the permissions so that anyone can write to the file is not secure. Maybe pass an open file handle to the children? I haven't looked through the code, so I'm only guessing :). >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include <[EMAIL PROTECTED]> in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ]
