1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-11-08 23:06:56 +00:00
freebsd-ports/www/apache13-fp/files/patch-fe

170 lines
5.4 KiB
Plaintext
Raw Normal View History

--- src/support/suexec.c.orig Tue Jan 11 13:47:59 2000
+++ src/support/suexec.c Sun Feb 20 17:38:47 2000
@@ -82,11 +82,35 @@
* info: Normal activity message
* debug: Self-explanatory
*/
+/*
+ * "System" CGI modification 97.05.10 by Rick Franchuk (rickf@netnation.com)
+ *
+ * I found that while it's great to make scripts run under the UID and GID
+ * specified in httpd.conf or what /etc/passwd says is 'cool', suEXEC can
+ * really put a damper on 'System' cgi's, forcing copies of the scripts
+ * to be installed into users' home directories. That didn't seem very
+ * fitting... so I changed it so that the target UID check is disabled in
+ * a system directory #defined in suexec+.h. I hope you all find it useful.
+ *
+ * The docroot check had to be bypassed to allow functionality for VirtualHost
+ * entries. I'm somewhat suprised noone encountered that behavior before.
+ */
+ /*
+ * "FPEXE modification made on 98.05.19 by Scot Hetzel (hetzels@westbend.net)
+ * based on previous FPEXE modifications supplied by Mark Wormgoor
+ * (riddles@ipe.nl)
+ *
+ * Changes were made in order to use Suexec and Frontpage 98 at the same time.
+ * After we change to the target_uid and target_gid. We check if cmd = FPEXE,
+ * if it does then we execute the cmd without performing any further tests.
+ *
+ */
#include "ap_config.h"
#include <sys/param.h>
#include <sys/stat.h>
#include <sys/types.h>
+#include <login_cap.h>
#include <stdarg.h>
@@ -262,6 +286,7 @@
char *cmd; /* command to be executed */
char cwd[AP_MAXPATH]; /* current working directory */
char dwd[AP_MAXPATH]; /* docroot working directory */
+ login_cap_t *lc; /* user resource limits */
struct passwd *pw; /* password entry holder */
struct group *gr; /* group entry holder */
struct stat dir_info; /* directory info holder */
@@ -420,6 +445,19 @@
}
/*
+ * Apply user resource limits based on login class.
+ */
+ if ((lc = login_getclassbyname(pw->pw_class, pw)) == NULL) {
+ log_err("login_getclassbyname() failed\n");
+ exit(248);
+ }
+
+ if ((setusercontext(lc, pw, uid, LOGIN_SETRESOURCES)) != 0) {
+ log_err("setusercontext() failed\n");
+ exit(249);
+ }
+
+ /*
* Change UID/GID here so that the following tests work over NFS.
*
* Initialize the group access list for the target user,
@@ -439,6 +477,14 @@
}
/*
+ * We logged everything, changed to the target uid/gid, and know the
+ * user is ok. We run fpexe now and bail out before anything goes wrong.
+ */
+#ifdef FPEXE
+ if ((strcmp(cmd, FPEXE)) != NULL) {
+#endif
+
+ /*
* Get the current working directory, as well as the proper
* document root (dependant upon whether or not it is a
* ~userdir request). Error out if we cannot get either one,
@@ -470,10 +516,16 @@
}
}
+ /*
+ * This section must be commented out to work properly with
+ * VirtualHosts running CGI in thier own directories.
+ *
+
if ((strncmp(cwd, dwd, strlen(dwd))) != 0) {
log_err("error: command not in docroot (%s/%s)\n", cwd, cmd);
exit(114);
}
+ */
/*
* Stat the cwd and verify it is a directory, or error out.
@@ -519,6 +571,9 @@
* Error out if the target name/group is different from
* the name/group of the cwd or the program.
*/
+#ifdef SYSTEM_CGI
+ if (strncmp(cwd, SYSTEM_CGI, strlen(SYSTEM_CGI))) {
+#endif
if ((uid != dir_info.st_uid) ||
(gid != dir_info.st_gid) ||
(uid != prg_info.st_uid) ||
@@ -530,6 +585,10 @@
prg_info.st_uid, prg_info.st_gid);
exit(120);
}
+#ifdef SYSTEM_CGI
+ }
+#endif
+
/*
* Error out if the program is not executable for the user.
* Otherwise, she won't find any error in the logs except for
@@ -551,6 +610,49 @@
umask(SUEXEC_UMASK);
#endif /* SUEXEC_UMASK */
clean_env();
+
+#ifdef FPEXE
+ }
+ else {
+
+ /* The following taken from mod_frontpage.c to check permissions */
+
+ /*
+ * We can't stat the stub dir. Make sure the stub directory is not
+ * owned by root and not group/world writable
+ */
+ if ((lstat(FPSTUBDIR, &dir_info) == -1 ||
+ dir_info.st_uid ||
+ (dir_info.st_mode & (S_IWGRP | S_IWOTH)) ||
+ (!S_ISDIR(dir_info.st_mode)))) {
+ /*
+ * User recovery: set directory to be owned by by root with
+ * permissions r*x*-x*-x.
+ */
+ log_err("Incorrect permissions on stub directory \"%-.1024s\"",
+ FPSTUBDIR);
+ exit (250);
+ }
+
+ /*
+ * We can't stat the stub. Make sure the stub is not owned by root,
+ * set-uid, set-gid, and is not group/world writable or executable.
+ */
+ if ((stat(cmd, &prg_info) == -1 ||
+ prg_info.st_uid ||
+ !(prg_info.st_mode & S_ISUID) ||
+ (prg_info.st_mode & S_ISGID) ||
+ (prg_info.st_mode & (S_IWGRP | S_IWOTH)) ||
+ !(prg_info.st_mode & (S_IXGRP | S_IXOTH)))) {
+ /*
+ * User recovery: set stub to be owned by by root with permissions
+ * r*s*-x*-x.
+ */
+ log_err("Incorrect permissions on stub \"%-.1024s\"", cmd);
+ exit (251);
+ }
+ }
+#endif
/*
* Be sure to close the log file so the CGI can't