Package: apache2-suexec-custom
Version: 2.4.10-10

The apache2-suexec-custom manpage says that suexec will read the calling user's 
/etc/apache2/suexec/username configuration file. Unfortunately, the calling 
user is always www-data, so it always ends up reading 
/etc/apache2/suexec/www-data regardless of the owner of the script being 
executed.

I think this is because the configuration filename is obtained by

asprintf(&filename, SUEXEC_CONFIG_DIR "%s", pw->pw_name)

where pw comes from

     uid = getuid();
     if ((pw = getpwuid(uid)) == NULL) {

right at the beginning of main() when uid is still that of www-data. It should 
be obtained from target_uname instead.

$ uname -v
#1 SMP Debian 3.16.7-ckt9-3~deb8u1 (2015-04-24)


-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to