A few weeks ago I opened Bug 7810, which was suexec not working with mod_userdir with either mod_cgi or mod_cgid. Anyway, Justin kindly applied a modified patch of mine to fix mod_cgi .. up until today I have been simply too busy to look at it .. but here's a patch that makes mod_cgid work. The bug is already closed, but this patch shuold fix all of the issues that are in it.
It's two changes, send and receive the entire suexec_cfg struc- ture to/from cgid, and send the mod_userdir_user note. Also, just to note that current beahaviour is that : --enable-cgid --with-mpm=[something threaded] \ --enable-suexec ... results in a build of apache which is fully functional , with all userdir CGI working .. but not suexec'd. Which in certain environments is a major security hole. - Colm Index: modules/generators/mod_cgid.c =================================================================== RCS file: /home/cvspublic/httpd-2.0/modules/generators/mod_cgid.c,v retrieving revision 1.129 diff -u -r1.129 mod_cgid.c --- modules/generators/mod_cgid.c 17 May 2002 11:33:09 -0000 1.129 +++ modules/generators/mod_cgid.c 20 May 2002 02:15:44 -0000 @@ -329,16 +329,8 @@ if (rc != sizeof(int)) { return 1; } - rc = read(fd, &suexec_cfg->ugid.uid, sizeof(uid_t)); - if (rc != sizeof(uid_t)) { - return 1; - } - rc = read(fd, &suexec_cfg->ugid.gid, sizeof(gid_t)); - if (rc != sizeof(gid_t)) { - return 1; - } - rc = read(fd, &suexec_cfg->active, sizeof(int)); - if (rc != sizeof(int)) { + rc = read(fd, suexec_cfg, sizeof(*suexec_cfg)); + if (rc != sizeof(*suexec_cfg)) { return 1; } dconf[i] = (void *)suexec_cfg; @@ -379,12 +371,20 @@ } #endif #endif - /* For right now, just make the notes table. At some point we will need - * to actually fill this out, but for now we just don't want suexec to - * seg fault. - */ + + /* basic notes table to avoid seg faults */ r->notes = apr_table_make(r->pool, 1); + /* mod_userdir requires the mod_userdir_user note */ + rc = read(fd, &len, sizeof(len)); + if (len) { + data = apr_pcalloc(r->pool, len + 1); /* last byte is '\0' */ + rc = read(fd, data, len); + if(rc != len) { + return 1; + } + apr_table_set(r->notes,"mod_userdir_user", data); + } return 0; } @@ -441,9 +441,7 @@ suexec_mod); write(fd, &suexec_mod->module_index, sizeof(int)); - write(fd, &suexec_cfg->ugid.uid, sizeof(uid_t)); - write(fd, &suexec_cfg->ugid.gid, sizeof(gid_t)); - write(fd, &suexec_cfg->active, sizeof(int)); + write(fd, suexec_cfg, sizeof(*suexec_cfg)); } #if 0 @@ -483,6 +481,16 @@ } #endif #endif + /* send a minimal notes table */ + data = (char *) apr_table_get(r->notes, "mod_userdir_user"); + if(data != NULL) { + len = strlen(data); + write(fd, &len, sizeof(len)); + write(fd, data, len); + } else { + len = 0; + write(fd, &len, sizeof(len)); + } } static void daemon_signal_handler(int sig)