misc/108169: Wrong AP_SAFE_PATH for suEXEC with apache20 package
Bolinard Vincent
VInzstyle at gmail.com
Sat Jan 20 23:10:19 UTC 2007
>Number: 108169
>Category: misc
>Synopsis: Wrong AP_SAFE_PATH for suEXEC with apache20 package
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Jan 20 23:10:16 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator: Bolinard Vincent
>Release: 6.2-RELEASE
>Organization:
>Environment:
FreeBSD server.vinzland.net 6.2-RELEASE FreeBSD 6.2-RELEASE #2: Fri Jan 19 23:33:32 CET 2007 temp1 at server.vinzland.net:/usr/obj/usr/src/sys/SERVER i386
>Description:
I installed apache20 package with :
# pkg_add -r apache20
Everything is working fine but suEXEC. If the module is loaded without any additional options, it works. But, if I try to set the SuexecUserGroup option in a vhost, this is what I get when I run apachectl -t :
Warning: SuexecUserGroup directive requires SUEXEC wrapper.
Syntax OK
So, I checked suEXEC with :
# /usr/local/sbin/suexec -V
-D AP_DOC_ROOT="/usr/local/www/data"
-D AP_GID_MIN=1000
-D AP_HTTPD_USER="www"
-D AP_LOG_EXEC="/var/log/httpd-suexec.log"
-D AP_SAFE_PATH="/usr/local/bin:/usr/local/bin:/usr/bin:/bin"
-D AP_UID_MIN=1000
-D AP_USERDIR_SUFFIX="public_html"
The AP_SAFE_PATH is wrong.
>How-To-Repeat:
>Fix:
The AP_SAFE_PATH should be set (at least) like this : "/usr/local/bin:/usr/local/sbin:/usr/bin:/bin" to include the /usr/local/sbin directory which contains the suEXEC binary.
On my personal machine I copied suEXEC (with -p argument) to /usr/local/bin and ran apachectl -t :
Syntax OK
No warning about suEXEC.
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list