On Tue, May 21, 2002 at 01:03:03AM +0100, Colm MacCárthaigh wrote:
> The following patch reverts to the previous and documented
> behaviour (exhibited by 1.3). Currently <!--exec cmd
> does not work with suexec enabled as the proc.c will try to
> run : shell -c suexec uid gid ... so on.
>
<snip patch>
I should have mentioned, this patch resolves PR 8291. Also
after applying this patch, SSI + suexec works fully except
that
<!--#include file="some.cgi"-->
will run the cgi as the webserver user, and not the suexec
user. Obviously a security hole. "include virtual" is not
affected, nor is the fsize directive. (they all use
subrequests)
The patch below fixes it by using the ap_sub_req_lookup_uri
instead of ap_sub_req_lookup_file. Since the functionality of
_uri is a superset of _file (afaict) this means that nothing
valid in an "include file" directive will break. But it
also means that some of what was previously invalid will
(query string etc). Since "include file" has deprecated
support anyway .. I'm not sure how big a deal it is that
mod_include wouldn't be enforcing what "include file" should
only be able to do.
Colm
Index: modules/filters/mod_include.c
===================================================================
RCS file: /home/cvspublic/httpd-2.0/modules/filters/mod_include.c,v
retrieving revision 1.222
diff -u -r1.222 mod_include.c
--- modules/filters/mod_include.c 17 May 2002 11:33:09 -0000 1.222
+++ modules/filters/mod_include.c 22 May 2002 09:26:39 -0000
@@ -1263,7 +1263,7 @@
"in parsed file %s";
}
else {
- rr = ap_sub_req_lookup_file(parsed_string, r, f->next);
+ rr = ap_sub_req_lookup_uri(parsed_string, r, f->next);
}
}
else {
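Review bot: in the else branch, the replaced call now passes parsed_string to ap_sub_req_lookup_uri, and nothing visible in this hunk checks that the string is still a plain file name. As the accompanying message notes, arguments that were previously invalid for "include file" (a query string, for instance) would then be accepted. Consider validating parsed_string before the call, for example by rejecting a '?' or other URI-only syntax, so the directive keeps its file-only restrictions while the included CGI still goes through the subrequest path that suexec applies to. A short comment on this line saying why the URI lookup is used for a file include would also help later readers, since the function name no longer matches the directive.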