randy 97/01/24 16:59:45
Modified: src CHANGES mod_cgi.c
Log:
Turn off call to can_exec() if suexec_enabled.
Revision Changes Path
1.130 +4 -0 apache/src/CHANGES
Index: CHANGES
===================================================================
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.129
retrieving revision 1.130
diff -C3 -r1.129 -r1.130
*** CHANGES 1997/01/24 23:33:40 1.129
--- CHANGES 1997/01/25 00:59:42 1.130
***************
*** 1,5 ****
--- 1,9 ----
Changes with Apache 1.2b5
+ *) Don't call can_exec() if suexec_enabled. Calling this requires
+ scripts executed by the suexec wrapper to be world executable, which
+ defeats one of the advantages of running the wrapper. [Randy Terbush]
+
*) Portability Fix: IRIX complained with 'make clean' about *pure*
(removed)
[Jim Jagielski]
1.30 +6 -4 apache/src/mod_cgi.c
Index: mod_cgi.c
===================================================================
RCS file: /export/home/cvs/apache/src/mod_cgi.c,v
retrieving revision 1.29
retrieving revision 1.30
diff -C3 -r1.29 -r1.30
*** mod_cgi.c 1997/01/24 07:45:17 1.29
--- mod_cgi.c 1997/01/25 00:59:42 1.30
***************
*** 377,386 ****
if (r->finfo.st_mode == 0)
return log_scripterror(r, conf, NOT_FOUND,
"script not found or unable to stat");
! if(!can_exec(&r->finfo))
! return log_scripterror(r, conf, FORBIDDEN,
! "file permissions deny server execution");
!
if ((retval = setup_client_block(r, REQUEST_CHUNKED_ERROR)))
return retval;
--- 377,388 ----
if (r->finfo.st_mode == 0)
return log_scripterror(r, conf, NOT_FOUND,
"script not found or unable to stat");
! if (!suexec_enabled) {
! if (!can_exec(&r->finfo))
! return log_scripterror(r, conf, FORBIDDEN,
! "file permissions deny server
execution");
! }
!
if ((retval = setup_client_block(r, REQUEST_CHUNKED_ERROR)))
return retval;
