>Number: 2356 >Category: os-windows >Synopsis: SSI tag EXEC does not work correctly >Confidential: no >Severity: serious >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Thu Jun 4 17:30:01 PDT 1998 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.3b7 (Win32) >Environment: Win95 >Description: The SSI statment EXEC statement will not execute shell commands. For example "<!--#EXEC CMD="DIR" -->" does not execute the DIR command. >How-To-Repeat: Include the SSI EXEC CMD= in any shtml page. >Fix: 1) In module util_script.c the WIN32 portion of ap_exec_cmd() uses r->file_name to locate the executable file instead of argv0. 2) In module util_script.c the WIN32 code uses the value "CMD.EXE" to specify the command interpreter instead of the constant SHELL_PATH. 3) In header httpd.h the SHELL_PATH constant must be set to "COMMAND.COM" for WIN95. >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include <[EMAIL PROTECTED]> in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ]
