On Tue, May 21, 2002 at 01:03:03AM +0100, Colm MacCárthaigh wrote:
The following patch reverts to the previous and documented
bevahiour (exhibited by 1.3). Currently !--exec cmd
does not work with suexec enabled as the proc.c will try to
run : shell -c suexec uid gid ... so on.
snip patch
I should have mentioned, this patch resolves PR 8291. Also
after applying this patch, SSI + suexec works fully except
that
!--#include file=some.cgi--
will run the cgi as the webserver user, and not the suexec
user. Obviously a security hole. include virtual is not
affected, Nor is the fsize directive. (they all use
subrequests)
The patch below fixes it by using the ap_sub_req_lookup_uri
instead of ap_sub_req_lookup_file. Since the functionality of
_uri is a superset of _file (afaict) this means that nothing
valid in an include file directive will break. But it
also means that some of what was previously invalid will
(query string etc). Since include file has deprecated
support anyway .. I'm not sure how big a deal it is that
mod_include wouldnt be enforcing what include file should
only be able to do.
Colm
Index: modules/filters/mod_include.c
===
RCS file: /home/cvspublic/httpd-2.0/modules/filters/mod_include.c,v
retrieving revision 1.222
diff -u -r1.222 mod_include.c
--- modules/filters/mod_include.c 17 May 2002 11:33:09 - 1.222
+++ modules/filters/mod_include.c 22 May 2002 09:26:39 -
-1263,7 +1263,7
in parsed file %s;
}
else {
-rr = ap_sub_req_lookup_file(parsed_string, r, f-next);
+rr = ap_sub_req_lookup_uri(parsed_string, r, f-next);
}
}
else {