rpms/mod_suphp/devel mod_suphp-0.6.1-DoubleFree.patch, NONE, 1.1 mod_suphp-0.6.1-chroot.patch, NONE, 1.1 README.fedora, 1.1, 1.2 mod_suphp.conf, 1.1, 1.2 mod_suphp.spec, 1.10, 1.11 suphp.conf, 1.2, 1.3 needs.rebuild, 1.1, NONE
Andreas Thienemann (ixs)
fedora-extras-commits at redhat.com
Sun Sep 10 21:04:32 UTC 2006
Author: ixs
Update of /cvs/extras/rpms/mod_suphp/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv16742
Modified Files:
README.fedora mod_suphp.conf mod_suphp.spec suphp.conf
Added Files:
mod_suphp-0.6.1-DoubleFree.patch mod_suphp-0.6.1-chroot.patch
Removed Files:
needs.rebuild
Log Message:
* Fri Sep 08 2006 Andreas Thienemann <andreas at bawue.net> 0.6.1-3
- Finally fixed double free corruption #192415
- Fixed up configuration creation
mod_suphp-0.6.1-DoubleFree.patch:
--- NEW FILE mod_suphp-0.6.1-DoubleFree.patch ---
diff -urNp suphp-0.6.1.orig/src/API_Linux.cpp suphp-0.6.1/src/API_Linux.cpp
--- suphp-0.6.1.orig/src/API_Linux.cpp 2006-06-19 18:39:17.000000000 +0100
+++ suphp-0.6.1/src/API_Linux.cpp 2006-06-19 18:37:38.000000000 +0100
@@ -42,7 +42,7 @@ extern char **environ;
using namespace suPHP;
-SmartPtr<API_Linux_Logger> suPHP::API_Linux::logger;
+SmartPtr<API_Linux_Logger>* suPHP::API_Linux::logger;
bool suPHP::API_Linux::isSymlink(const std::string path) const
throw (SystemException) {
@@ -139,10 +139,10 @@ GroupInfo suPHP::API_Linux::getRealProce
Logger& suPHP::API_Linux::getSystemLogger() {
- if (suPHP::API_Linux::logger.get() == NULL) {
- suPHP::API_Linux::logger.reset(new API_Linux_Logger());
+ if (suPHP::API_Linux::logger->get() == NULL) {
+ suPHP::API_Linux::logger->reset(new API_Linux_Logger());
}
- return *(suPHP::API_Linux::logger);
+ return **(suPHP::API_Linux::logger);
}
diff -urNp suphp-0.6.1.orig/src/API_Linux.hpp suphp-0.6.1/src/API_Linux.hpp
--- suphp-0.6.1.orig/src/API_Linux.hpp 2006-06-19 18:39:17.000000000 +0100
+++ suphp-0.6.1/src/API_Linux.hpp 2006-06-19 18:43:23.000000000 +0100
@@ -41,9 +41,10 @@ namespace suPHP {
*/
class API_Linux : public API {
private:
- static SmartPtr<API_Linux_Logger> logger;
+ /* Try and avoid the "static initialization order fiasco" */
+ static SmartPtr<API_Linux_Logger>* logger;
/**
- * Internal function for checking wheter path
+ * Internal function for checking whether path
* points to a symlink
*/
bool isSymlink(const std::string path) const
@@ -57,6 +58,25 @@ namespace suPHP {
public:
/**
+ * Constructor
+ */
+ API_Linux() {
+ logger = NULL;
+ logger = new SmartPtr<API_Linux_Logger>;
+ };
+
+ /**
+ * Destructor
+ */
+ ~API_Linux() {
+ if (logger != NULL) {
+ delete logger;
+ }
+ logger = NULL;
+ };
+
+
+ /**
* Get environment variable
*/
virtual Environment getProcessEnvironment();
mod_suphp-0.6.1-chroot.patch:
--- NEW FILE mod_suphp-0.6.1-chroot.patch ---
Hello list!
I've written a patch around the chroot() function in
suPHP 0.6.1. First I'll explain our old setup and why
we find this patch useful.
Since we are improving our webserver security at the
moment, we were looking for a possibility to
chroot() some users.
Our old setup consists of mod_php and PHP per VirtualHost
configurations like:
php_admin_value open_basedir ...
php_admin_value upload_tmp_dir ...
...
With disable_functions we disabled functions like exec(),
system(), etc to let the user stay in his open_basedir
(executed programs don't got the open_basedir
restrictions).
Some users requested the possibility to exec programs like
the ImageMagick tools, needed for Typo3 or other PHP
programs like PHP gallery. I know about the possibility to
configure a safe_mode_exec_dir within the php.ini, but it
is not the best solution.
The new suPHP version 0.6.1 offers the possibility to
chroot and it works nice. Though there are some problems:
- There is only one configuration file and the chroot-path
is configured within the global config. If you want to
chroot each virtual host into it's own chroot-jail it
isn't possible.
- When chrooted the path of the php script stays like
outsite the chroot environment.
Example:
before suPHP chroot()
SCRIPT_FILENAME = /chroot/YOUR_SITE/var/www/index.php
CURRENT_ROOT = /
CHROOT = /chroot/YOUR_SITE/
after suPHP chroot()
SCRIPT_FILENAME = /chroot/YOUR_SITE/var/www/index.php
CURRENT_ROOT = /chroot/YOUR_SITE/
PHP will look for a file called
/chroot/YOUR_SITE/var/www/index.php
inside the chroot environment.
Infact the file is
/var/www/index.php
inside the chroot environment.
What the attached patch does:
- It adds a mod_suphp configuration option called
"suPHP_Options" (the name might not be the best, but
since suPHP_ConfigPath was already in use, I've choosen
this name)
- It "translates" the script path after chroot() so that
PHP will find the right script.
Here are the steps I used to build a chroot environment for
a virtual host:
- Create a directory structure for the chroot directory:
$ mkdir -p /chroot/YOUR_SITE/\
{bin,etc,lib,tmp,usr/bin,usr/lib/,var/www}
- Copy the php binary and depending libraries into the
chroot directory:
$ ldd /usr/bin/php-cgi | sed -e \
's,.*=> /\(.*\) (0x.*,\1,' | while read lib; \
do
LIBDIR="/chroot/YOUR_SITE/`dirname ${lib}`"; \
test ! -d $LIBDIR && mkdir -p $LIBDIR; \
cp -v /${lib} /chroot/YOUR_SITE/${lib}; \
done
- Copy a php.ini into the chroot directory and change the
doc_root configuration parameter.
$ cat /chroot/YOUR_SITE/etc/php.ini |
sed -e 's,^doc_root.*$,doc_root ="/var/www/",' > \
/chroot/YOUR_SITE/etc/php.ini
- Create a apache VirtualHost:
<VirtualHost *>
ServerName YOUR_SITE.EXAMPLE
ServerAdmin [11]YOU at YOUR_SITE.EXAMPLE
DocumentRoot /chroot/YOUR_SITE/var/www/
<Directory /chroot/YOUR_SITE/var/www>
suPHP_Engine On
suPHP_Options /chroot/YOUR_SITE-suphp.conf
# chrooted view
suPHP_ConfigPath /etc/
</Directory>
</VirtualHost>
- Create a suPHP configuration file.
Just pick the default file and set
chroot=/chroot/YOUR_SITE/
WARNING there are some limitations with this patch:
- First, I'm not the best C, C++ developer and this is my
first apache module work
- The code is mostly quick and dirty hacked, because I
wanted to try if this would work.
- Only the apache2 module was patched.
I'd appreciate if you review this patch and post your
comments on this.
Greetings,
Jan
--- suphp-0.6.1/src/apache2/mod_suphp.c.orig 2006-05-24 04:31:35.000000000 +0200
+++ suphp-0.6.1/src/apache2/mod_suphp.c 2006-05-24 04:34:58.000000000 +0200
@@ -114,6 +114,7 @@
char *target_user;
char *target_group;
#endif
+ char *suphp_options;
apr_table_t *handlers;
} suphp_conf;
@@ -130,7 +131,9 @@
cfg->target_user = NULL;
cfg->target_group = NULL;
#endif
-
+
+ cfg->suphp_options = NULL;
+
/* Create table with 0 initial elements */
/* This size may be increased for performance reasons */
cfg->handlers = apr_table_make(p, 0);
@@ -175,6 +178,13 @@
else
merged->target_group = NULL;
#endif
+
+ if (child->suphp_options)
+ merged->suphp_options = apr_pstrdup(p, child->suphp_options);
+ else if (parent->suphp_options)
+ merged->suphp_options = apr_pstrdup(p, parent->suphp_options);
+ else
+ merged->suphp_options = NULL;
merged->handlers = apr_table_overlay(p, child->handlers, parent->handlers);
@@ -265,6 +275,17 @@
return NULL;
}
+static const char *suphp_handle_cmd_options(cmd_parms *cmd, void *mconfig,
+ const char *arg)
+{
+ suphp_conf *cfg;
+ cfg = (suphp_conf *) mconfig;
+
+ cfg->suphp_options = apr_pstrdup(cmd->pool, arg);
+
+ return NULL;
+}
+
#ifdef SUPHP_USE_USERGROUP
static const char *suphp_handle_cmd_user_group(cmd_parms *cmd, void *mconfig,
@@ -315,6 +336,7 @@
#endif
AP_INIT_ITERATE("suPHP_AddHandler", suphp_handle_cmd_add_handler, NULL, RSRC_CONF | ACCESS_CONF, "Tells mod_suphp to handle these MIME-types"),
AP_INIT_ITERATE("suPHP_RemoveHandler", suphp_handle_cmd_remove_handler, NULL, RSRC_CONF | ACCESS_CONF, "Tells mod_suphp not to handle these MIME-types"),
+ AP_INIT_TAKE1("suPHP_Options", suphp_handle_cmd_options, NULL, OR_OPTIONS, "The configuration file suPHP should use for this virtual host"),
{NULL}
};
@@ -436,6 +458,11 @@
{
apr_table_setn(r->subprocess_env, "SUPHP_PHP_CONFIG", apr_pstrdup(p, dconf->php_config));
}
+
+ if (dconf->suphp_options)
+ {
+ apr_table_setn(r->subprocess_env, "SUPHP_OPTIONS", apr_pstrdup(p, dconf->suphp_options));
+ }
apr_table_setn(r->subprocess_env, "SUPHP_HANDLER", r->handler);
--- suphp-0.6.1/src/Application.cpp.orig 2006-05-24 04:31:35.000000000 +0200
+++ suphp-0.6.1/src/Application.cpp 2006-05-24 04:34:13.000000000 +0200
@@ -50,16 +50,23 @@
API& api = API_Helper::getSystemAPI();
Logger& logger = api.getSystemLogger();
-#ifdef OPT_CONFIGFILE
- File cfgFile = File(OPT_CONFIGFILE);
-#else
- File cfgFile = File("/etc/suphp.conf");
-#endif
std::string interpreter;
TargetMode targetMode;
Environment newEnv;
+ File cfgFile = File("");
+
+ try {
+ cfgFile = File(env.getVar("SUPHP_OPTIONS").c_str());
+ } catch (KeyNotFoundException &e) {
+#ifdef OPT_CONFIGFILE
+ cfgFile = File(OPT_CONFIGFILE);
+#else
+ cfgFile = File("/etc/suphp.conf");
+#endif
+ }
+
// Begin try block - soft exception cannot really be handled before
// initialization
try {
@@ -88,14 +95,23 @@
return 1;
}
- this->checkScriptFile(scriptFilename, config, env);
-
// Root privileges are needed for chroot()
// so do this before changing process permissions
if (config.getChrootPath().length() > 0) {
api.chroot(config.getChrootPath());
+
+ // after chroot() the SCRIPT_FILENAME path has changed
+ // and needs to get "translated"
+ std::string strChrootPath(config.getChrootPath());
+
+ // TODO: check if there is a "/" at the beginning of scriptFilename
+ scriptFilename.replace(scriptFilename.find(strChrootPath), strChrootPath.length(), "");
+ env.setVar("DOCUMENT_ROOT", "/");
+ env.setVar("SCRIPT_FILENAME", scriptFilename);
}
+ this->checkScriptFile(scriptFilename, config, env);
+
this->changeProcessPermissions(scriptFilename, config, env);
interpreter = this->getInterpreter(env, config);
@@ -396,6 +412,8 @@
env.deleteVar("SUPHP_AUTH_PW");
if (env.hasVar("SUPHP_PHP_CONFIG"))
env.deleteVar("SUPHP_PHP_CONFIG");
+ if (env.hasVar("SUPHP_OPTIONS"))
+ env.deleteVar("SUPHP_OPTIONS");
// Reset PATH
env.putVar("PATH", config.getEnvPath());
Index: README.fedora
===================================================================
RCS file: /cvs/extras/rpms/mod_suphp/devel/README.fedora,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- README.fedora 6 Feb 2006 16:40:00 -0000 1.1
+++ README.fedora 10 Sep 2006 21:04:32 -0000 1.2
@@ -1,7 +1,7 @@
In order to activate mod_suphp support, /etc/httpd/conf.d/mod_suphp.conf
has to be edited.
-The commented line "#AddHandler x-httpd-php .php" has to be uncommented,
+The commented line "suPHP_AddHandler ###HANDLER###" has to be uncommented,
for mod_suphp to work.
After a restart of the httpd, php scripts should be executed with the
@@ -12,7 +12,7 @@
<Directory "/var/www/html">
suPHP_Engine off
- RemoveHandler .php
+ suPHP_RemoveHandler .php
php_admin_flag engine on
php_admin_flag register_globals on
</Directory>
@@ -22,4 +22,4 @@
Should you require mod_userdir support, in order to enable ~user URLs, you should set
check_vhost_docroot=false in the /etc/suphp.conf file, as currently suphp would fail
-with a incorrect vhost.
+with an incorrect vhost.
Index: mod_suphp.conf
===================================================================
RCS file: /cvs/extras/rpms/mod_suphp/devel/mod_suphp.conf,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- mod_suphp.conf 6 Feb 2006 16:40:00 -0000 1.1
+++ mod_suphp.conf 10 Sep 2006 21:04:32 -0000 1.2
@@ -1,22 +1,19 @@
# This is the Apache server configuration file providing suPHP support..
# It contains the configuration directives to instruct the server how to
# serve php pages while switching to the user context before rendering.
-# For directives see <URL:http://httpd.apache.org/docs-2.0/mod/mod_suphp.html>
LoadModule suphp_module modules/mod_suphp.so
-# Define PHP Types
-AddType application/x-httpd-php .php
-# To use suPHP to parse PHP-Files
### Uncomment to activate mod_suphp
-#AddHandler x-httpd-php .php
+#suPHP_AddHandler ###HANDLER###
+
# This option tells mod_suphp if a PHP-script requested on this server (or
# VirtualHost) should be run with the PHP-interpreter or returned to the
# browser "as it is".
suPHP_Engine on
-suPHP_AddHandler x-httpd-php
+
# This option tells mod_suphp which path to pass on to the PHP-interpreter
# (by setting the PHPRC environment variable).
Index: mod_suphp.spec
===================================================================
RCS file: /cvs/extras/rpms/mod_suphp/devel/mod_suphp.spec,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- mod_suphp.spec 6 Feb 2006 23:44:45 -0000 1.10
+++ mod_suphp.spec 10 Sep 2006 21:04:32 -0000 1.11
@@ -1,26 +1,31 @@
-# Depending on what version of Fedora we're on, use a different php binary
+# Depending on what version of Fedora we're on, use a different php binary, different apr
+# and also different handler.
%if 0%{?fedora}
%if "%{fedora}" >= "5"
%define php /usr/bin/php-cgi
+ %define handler php5-script
%define apr /usr/bin/apr-1-config
%endif
%if "%{fedora}" == "4"
%define php /usr/bin/php-cgi
+ %define handler x-httpd-php
%define apr /usr/bin/apr-config
%endif
%if "%{fedora}" <= "3"
%define php /usr/bin/php
+ %define handler x-httpd-php
%define apr /usr/bin/apr-config
%endif
%else
%define php /usr/bin/php
+ %define handler x-httpd-php
%define apr /usr/bin/apr-config
%endif
Summary: An apache2 module for executing PHP scripts with the permissions of their owners
Name: mod_suphp
Version: 0.6.1
-Release: 1%{?dist}
+Release: 3%{?dist}
License: GPL
Group: System Environment/Daemons
Source0: http://www.suphp.org/download/suphp-%{version}.tar.gz
@@ -30,30 +35,46 @@
Patch0: mod_suphp-0.6.1-userdir.patch
Patch1: mod_suphp-0.6.1-AddHandler.patch
Patch2: mod_suphp-0.6.1-apr.patch
+Patch3: mod_suphp-0.6.1-chroot.patch
+Patch4: mod_suphp-0.6.1-DoubleFree.patch
URL: http://www.suphp.org/
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires: httpd >= 2.0, php
Requires: httpd-mmn = %([ -a %{_includedir}/httpd/.mmn ] && cat %{_includedir}/httpd/.mmn || echo missing)
+Requires(post): policycoreutils
+Requires(postun): policycoreutils
BuildRequires: httpd-devel >= 2.0, apr-devel
+
%description
suPHP is an apache module for executing PHP scripts with the permissions of
their owners. It consists of an Apache module (mod_suphp) and a setuid root
binary (suphp) that is called by the Apache module to change the uid of the
process executing the PHP interpreter.
+Please take a look at %{_docdir}/%{name}-%{version}/README.fedora for
+installation instructions.
+
%prep
%setup -q -n suphp-%{version}
%patch0 -p 1 -b .userdir
%patch1 -p 1 -b .AddHandler
+%patch3 -p 1 -b .chroot
# Patch source to conform to apr 1.x standards
%if "%{fedora}" >= "5"
%patch2 -p 0 -b .apr
%endif
+# fill placeholders
+sed -e 's|###PHP-BIN###|%{php}|g; s|###HANDLER###|%{handler}|g;' %{SOURCE1} > suphp.conf
+sed -e 's|###HANDLER###|%{handler}|g;' %{SOURCE2} > mod_suphp.conf
+sed -e 's|###HANDLER###|%{handler}|g;' %{SOURCE3} > README.fedora
+
+
%build
echo "Building mod_suphp with %{php} as PHP interpreter and %{apr} for the apr configuration script."
+echo "%{handler} is used as a AddHandler."
%configure \
--with-apr=%{apr} \
--with-apxs=/usr/sbin/apxs \
@@ -73,6 +94,7 @@
mv .libs/mod_suphp.so .
popd
+
%install
rm -rf %{buildroot}
@@ -80,27 +102,39 @@
%{__install} -m 755 -D src/apache2/mod_suphp.so %{buildroot}%{_libdir}/httpd/modules/mod_suphp.so
# Install the config files
-sed -e 's@###PHP-BIN###@%{php}@' %{SOURCE1} > suphp.conf
%{__install} -m 644 -D suphp.conf %{buildroot}%{_sysconfdir}/suphp.conf
-%{__install} -m 644 -D %{SOURCE2} %{buildroot}%{_sysconfdir}/httpd/conf.d/mod_suphp.conf
+%{__install} -m 644 -D mod_suphp.conf %{buildroot}%{_sysconfdir}/httpd/conf.d/mod_suphp.conf
# Rename docs
cp doc/CONFIG CONFIG.suphp
cp doc/apache/CONFIG CONFIG.apache
-cp %{SOURCE3} README.fedora
+
%clean
rm -rf $RPM_BUILD_ROOT
+%post
+
+%postun
+
%files
%defattr(-,root,root)
%doc README COPYING CONFIG.suphp CONFIG.apache README.fedora
-%attr (4755, root, root) %{_sbindir}/suphp
+%attr (4550, root, root) %{_sbindir}/suphp
%{_libdir}/httpd/modules/*.so
%config(noreplace) %{_sysconfdir}/suphp.conf
%config(noreplace) %{_sysconfdir}/httpd/conf.d/mod_suphp.conf
+
%changelog
+* Fri Sep 08 2006 Andreas Thienemann <andreas at bawue.net> 0.6.1-3
+- Finally fixed double free corruption #192415
+- Fixed up configuration creation
+
+* Wed May 24 2006 Andreas Thienemann <andreas at bawue.net> 0.6.1-2
+- Corrected handler for mod_suphp.conf
+- Minor cleanups and fixes
+
* Mon Feb 06 2006 Andreas Thienemann <andreas at bawue.net> 0.6.1-1
- Updated to 0.6.1
Index: suphp.conf
===================================================================
RCS file: /cvs/extras/rpms/mod_suphp/devel/suphp.conf,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- suphp.conf 6 Feb 2006 16:36:27 -0000 1.2
+++ suphp.conf 10 Sep 2006 21:04:32 -0000 1.3
@@ -43,7 +43,7 @@
[handlers]
;Handler for php-scripts
-x-httpd-php=php:###PHP-BIN###
+###HANDLER###=php:###PHP-BIN###
;Handler for CGI-scripts
x-suphp-cgi=execute:!self
--- needs.rebuild DELETED ---
More information about the scm-commits
mailing list