source: server/common/patches/httpd-suexec-scripts.patch @ 147

Last change on this file since 147 was 113, checked in by presbrey, 17 years ago
signup_t domain is in system_r role
File size: 4.5 KB

  • httpd-2.2.2/support/Makefile.in 

    # scripts.mit.edu httpd suexec patch
# Copyright (C) 2006  Jeff Arnold <jbarnold@mit.edu>, Joe Presbrey <presbrey@mit.edu>
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA
#
# See /COPYRIGHT in this repository for more information.
#
    old new  
    6060
    6161suexec_OBJECTS = suexec.lo
    6262suexec: $(suexec_OBJECTS)
    63         $(LINK) $(suexec_OBJECTS)
     63        $(LINK) -lselinux $(suexec_OBJECTS)
    6464
    6565htcacheclean_OBJECTS = htcacheclean.lo
    6666htcacheclean: $(htcacheclean_OBJECTS)

  • httpd-2.2.2/support/suexec.c

    old new  
    4646#include <stdio.h>
    4747#include <stdarg.h>
    4848#include <stdlib.h>
     49#include <selinux/selinux.h>
    4950
    5051#ifdef HAVE_PWD_H
    5152#include <pwd.h>
     
    9596{
    9697    /* variable name starts with */
    9798    "HTTP_",
     99    "HTTPS_",
    98100    "SSL_",
    99101
    100102    /* variable name is */
     
    140142    "UNIQUE_ID=",
    141143    "USER_NAME=",
    142144    "TZ=",
     145    "PHPRC=",
    143146    NULL
    144147};
    145148
     
    450453     * Error out if attempt is made to execute as root or as
    451454     * a UID less than AP_UID_MIN.  Tsk tsk.
    452455     */
    453     if ((uid == 0) || (uid < AP_UID_MIN)) {
     456    if ((uid == 0) || (uid < AP_UID_MIN && uid != 102)) {
    454457        log_err("cannot run as forbidden uid (%d/%s)\n", uid, cmd);
    455458        exit(107);
    456459    }
     
    482485        log_err("failed to setuid (%ld: %s)\n", uid, cmd);
    483486        exit(110);
    484487    }
     488    if (uid == 102) {
     489        if (setexeccon("system_u:system_r:signup_t:s0") == -1) {
     490            log_err("failed to setexeccon (%ld: %s) to signup_t\n");
     491            exit(201);
     492        }
     493    } else {
     494        if (setexeccon("user_u:user_r:user_t:s0") == -1) {
     495            log_err("failed to setexeccon (%ld: %s) to user_t\n");
     496            exit(202);
     497        }
     498    }
    485499
    486500    /*
    487501     * Get the current working directory, as well as the proper
     
    513527            exit(113);
    514528        }
    515529    }
     530    char *expected = malloc(strlen(target_homedir)+strlen(AP_USERDIR_SUFFIX)+1);
     531    sprintf(expected, "%s/%s", target_homedir, AP_USERDIR_SUFFIX);
     532    if ((strncmp(cwd, expected, strlen(expected))) != 0) {
     533        log_err("error: file's directory not a subdirectory of user's home directory (%s, %s)\n", cwd, expected);
     534        exit(114);
     535    }
    516536
    517537    if ((strncmp(cwd, dwd, strlen(dwd))) != 0) {
    518538        log_err("command not in docroot (%s/%s)\n", cwd, cmd);
     
    530550    /*
    531551     * Error out if cwd is writable by others.
    532552     */
     553#if 0
    533554    if ((dir_info.st_mode & S_IWOTH) || (dir_info.st_mode & S_IWGRP)) {
    534555        log_err("directory is writable by others: (%s)\n", cwd);
    535556        exit(116);
    536557    }
     558#endif
    537559
    538560    /*
    539561     * Error out if we cannot stat the program.
    540562     */
    541     if (((lstat(cmd, &prg_info)) != 0) || (S_ISLNK(prg_info.st_mode))) {
     563    if (((lstat(cmd, &prg_info)) != 0) /*|| (S_ISLNK(prg_info.st_mode))*/) {
    542564        log_err("cannot stat program: (%s)\n", cmd);
    543565        exit(117);
    544566    }
     
    546568    /*
    547569     * Error out if the program is writable by others.
    548570     */
     571#if 0
    549572    if ((prg_info.st_mode & S_IWOTH) || (prg_info.st_mode & S_IWGRP)) {
    550573        log_err("file is writable by others: (%s/%s)\n", cwd, cmd);
    551574        exit(118);
    552575    }
     576#endif
    553577
    554578    /*
    555579     * Error out if the file is setuid or setgid.
     
    563587     * Error out if the target name/group is different from
    564588     * the name/group of the cwd or the program.
    565589     */
     590#if 0
    566591    if ((uid != dir_info.st_uid) ||
    567592        (gid != dir_info.st_gid) ||
    568593        (uid != prg_info.st_uid) ||
     
    574599                prg_info.st_uid, prg_info.st_gid);
    575600        exit(120);
    576601    }
     602#endif
    577603    /*
    578604     * Error out if the program is not executable for the user.
    579605     * Otherwise, she won't find any error in the logs except for
Note: See TracBrowser for help on using the repository browser.