binary (Suexec Off), or force startup failure if suEXEC is required
but not supported (Suexec On). Change SuexecUserGroup to fail
startup instead of just printing a warning if suEXEC is disabled.
Additionally, ap_unixd_config.suexec_disabled_reason has a message,
suitable for logging/messaging, explaining why the feature isn't
available.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1033519 13f79535-47bb-0310-9956-
ffa450edef68
Fix a denial of service attack against mod_reqtimeout.
[Stefan Fritsch]
+ *) suEXEC: Add Suexec directive to disable suEXEC without renaming the
+ binary (Suexec Off), or force startup failure if suEXEC is required
+ but not supported (Suexec On). Change SuexecUserGroup to fail
+ startup instead of just printing a warning if suEXEC is disabled.
+ [Jeff Trawick]
+
*) core: Add Error directive for aborting startup or htaccess processing
with a specified error message. [Jeff Trawick]
SuexecUserGroup nobody nogroup
</example>
+ <p>In Apache httpd 2.3.9 and later, startup will fail if this
+ directive is specified but the suEXEC feature is disabled.</p>
</usage>
-
+<seealso><directive module="mod_unixd">Suexec</directive></seealso>
</directivesynopsis>
+
</modulesynopsis>
<description>Basic (required) security for Unix-family platforms.</description>
<status>Base</status>
+<seealso><a href="../suexec.html">suEXEC support</a></seealso>
+
<directivesynopsis>
<name>Group</name>
<description>Group under which the server will answer
</usage>
</directivesynopsis>
+<directivesynopsis>
+<name>Suexec</name>
+<description>Enable or disable the suEXEC feature</description>
+<syntax>Suexec On|Off</syntax>
+<default>On if suexec binary exists with proper owner and mode,
+Off otherwise</default>
+<contextlist><context>server config</context></contextlist>
+<compatibility>Available in Apache httpd 2.3.9 and later</compatibility>
+
+<usage>
+ <p>When On, startup will fail if the suexec binary doesn't exist
+ or has an invalid owner or file mode.</p>
+ <p>When Off, suEXEC will be disabled even if the suexec binary exists
+ and has a valid owner and file mode.</p>
+</usage>
+</directivesynopsis>
+
</modulesynopsis>
* mod_ssl's parser. Clean up ap_expr's public
* interface.
* 20101106.1 (2.3.9-dev) Add ap_pool_cleanup_set_null() generic cleanup
+ * 20101106.2 (2.3.9-dev) Add suexec_disabled_reason field to ap_unixd_config
*/
#define MODULE_MAGIC_COOKIE 0x41503234UL /* "AP24" */
return NULL;
}
+static const char *
+unixd_set_suexec(cmd_parms *cmd, void *dummy, int arg)
+{
+ const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
+
+ if (err != NULL) {
+ return err;
+ }
+
+ if (!ap_unixd_config.suexec_enabled && arg) {
+ return apr_pstrcat(cmd->pool, "suEXEC isn't supported: ",
+ ap_unixd_config.suexec_disabled_reason, NULL);
+ }
+
+ if (!arg) {
+ ap_unixd_config.suexec_disabled_reason = "Suexec directive is Off";
+ }
+
+ ap_unixd_config.suexec_enabled = arg;
+ return NULL;
+}
+
static int
unixd_pre_config(apr_pool_t *pconf, apr_pool_t *plog,
apr_pool_t *ptemp)
if ((wrapper.protection & APR_USETID) && wrapper.user == 0
&& (access(SUEXEC_BIN, R_OK|X_OK) == 0)) {
ap_unixd_config.suexec_enabled = 1;
+ ap_unixd_config.suexec_disabled_reason = "";
}
+ else {
+ ap_unixd_config.suexec_disabled_reason =
+ "Invalid owner or file mode for " SUEXEC_BIN;
+ }
+ }
+ else {
+ ap_unixd_config.suexec_disabled_reason =
+ "Missing suexec binary " SUEXEC_BIN;
}
ap_sys_privileges_handlers(1);
"Effective group id for this server"),
AP_INIT_TAKE1("ChrootDir", unixd_set_chroot_dir, NULL, RSRC_CONF,
"The directory to chroot(2) into"),
+ AP_INIT_FLAG("Suexec", unixd_set_suexec, NULL, RSRC_CONF,
+ "Enable or disable suEXEC support"),
{NULL}
};
if (err != NULL) {
return err;
}
- if (ap_unixd_config.suexec_enabled) {
- cfg->ugid.uid = ap_uname2id(uid);
- cfg->ugid.gid = ap_gname2id(gid);
- cfg->ugid.userdir = 0;
- cfg->active = 1;
- }
- else {
- fprintf(stderr,
- "Warning: SuexecUserGroup directive requires SUEXEC wrapper.\n");
+
+ if (!ap_unixd_config.suexec_enabled) {
+ return apr_pstrcat(cmd->pool, "SuexecUserGroup configured, but "
+ "suEXEC is disabled: ",
+ ap_unixd_config.suexec_disabled_reason, NULL);
}
+
+ cfg->ugid.uid = ap_uname2id(uid);
+ cfg->ugid.gid = ap_gname2id(gid);
+ cfg->ugid.userdir = 0;
+ cfg->active = 1;
+
return NULL;
}
gid_t group_id;
int suexec_enabled;
const char *chroot_dir;
+ const char *suexec_disabled_reason; /* suitable msg if !suexec_enabled */
} unixd_config_rec;
AP_DECLARE_DATA extern unixd_config_rec ap_unixd_config;
projects / apache / commitdiff