Changeset 842 for server/common


Ignore:
Timestamp:
Sep 28, 2008, 3:43:31 AM (15 years ago)
Author:
andersk
Message:
Run php directly from suexec, so php scripts don’t need to be executable.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • server/common/patches/httpd-suexec-scripts.patch

    r823 r842  
    4747--- httpd-2.2.2/support/suexec.c.old    2006-04-21 21:53:06.000000000 -0400
    4848+++ httpd-2.2.2/support/suexec.c        2007-05-22 10:32:04.000000000 -0400
    49 @@ -30,6 +30,8 @@
     49@@ -30,6 +30,9 @@
    5050  *
    5151  */
    5252 
    5353+#define STATIC_CAT_PATH "/usr/local/bin/static-cat"
     54+#define PHP_PATH "/usr/bin/php-cgi"
    5455+
    5556 #include "apr.h"
     
    7273 
    7374     /* variable name is */
    74 @@ -140,6 +144,7 @@
    75      "UNIQUE_ID=",
    76      "USER_NAME=",
    77      "TZ=",
    78 +    "PHPRC=",
    79      NULL
    80  };
    81  
    82 @@ -245,9 +250,58 @@
     75@@ -245,9 +250,65 @@
    8376     environ = cleanenv;
    8477 }
     
    132125+}
    133126+
     127+static int is_php_extension(const char *file)
     128+{
     129+    const char *extension = strrchr(file, '.');
     130+    if (extension == NULL) return 0;
     131+    return strcmp(extension + 1, "php") == 0;
     132+}
     133+
    134134 int main(int argc, char *argv[])
    135135 {
     
    259259         (gid != dir_info.st_gid) ||
    260260         (uid != prg_info.st_uid) ||
    261 @@ -574,6 +676,7 @@
     261@@ -574,12 +676,14 @@
    262262                 prg_info.st_uid, prg_info.st_gid);
    263263         exit(120);
     
    267267      * Error out if the program is not executable for the user.
    268268      * Otherwise, she won't find any error in the logs except for
    269 @@ -606,6 +709,13 @@
     269      * "[error] Premature end of script headers: ..."
     270      */
     271-    if (!(prg_info.st_mode & S_IXUSR)) {
     272+    if (!is_static_extension(cmd) && !is_php_extension(cmd) &&
     273+        !(prg_info.st_mode & S_IXUSR)) {
     274         log_err("file has no execute permission: (%s/%s)\n", cwd, cmd);
     275         exit(121);
     276     }
     277@@ -606,6 +709,21 @@
    270278       exit(122);
    271279     }
     
    277285+       exit(255);
    278286+    }
     287+    if (is_php_extension(cmd)) {
     288+        setenv("PHPRC", ".", 1);
     289+        argv[1] = PHP_PATH;
     290+        argv[2] = "-f";
     291+        execv(PHP_PATH, &argv[1]);
     292+       log_err("(%d)%s: php exec failed (%s)\n", errno, strerror(errno), argv[2]);
     293+       exit(255);
     294+    }
    279295+
    280296     /*
Note: See TracChangeset for help on using the changeset viewer.