On Sun, 24 Jun 2012, Sebastian Marsching wrote:
Am 24.06.2012 10:12, schrieb Dan Mahoney, System Admin:
What I'd like to know here is: what is the calling-format of the
/usr/local/sbin/suphp binary -- for example, if I want to call IT from
the command line, so I can run truss on it to figure out what files are
being called, and what's vomiting. (As there's no other convenient way I
can find to stick a debugger in the middle).
(Feel free to reply to me privately with this info if you feel it's
dangerous).
The calling syntax is not a secret (after all the source code is open),
however I think that this might not be very helpful.
As suPHP has the setuid bit set, the kernel should not allow debugging (or
rather ignore the setuid bit, if a debugger is attached). However, as suPHP
checks for the calling user to be the webserver, calling it as root does not
help either.
Yeah -- adding a minor check that says "or root" might be helpful there
(or having suPHP be able to check for multiple webserver UIDs, for those
of us that run webservices under several main uids), but your instructions
below are useful.
In general, the best way to do debugging (e.g. using strace), is to create a
small wrapper shell-script calling PHP with a debugger attached and writing
the results to a file. You can then configure suPHP to call this wrapper
instead of PHP directly. If you want, you can even limit this to a different
handler, thus enabling debugging for certain scripts only.
Right. Such a wrapper would need to handle passing the stdin/stdout
streams, as well as duplicating the environment vars of the parent.
Seems fairly simple. Thanks.
This had occured to me, but I hadn't considered the whole setuid issue, so
my initial approach seemed like less work.
-Dan
--
"I hate Windows"
-Tigerwolf, Anthrocon 2004
--------Dan Mahoney--------
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144 AIM: LarpGM
Site: http://www.gushi.org
---------------------------
_______________________________________________
suPHP mailing list
[email protected]
https://lists.marsching.com/mailman/listinfo/suphp
