Bug 183613 - suexec module follows symlinks then realpath's them then complains because they aren't where the symlink is
suexec module follows symlinks then realpath's them then complains because th...
Product: Fedora
Classification: Fedora
Component: httpd (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Joe Orton
Depends On:
  Show dependency treegraph
Reported: 2006-03-02 05:34 EST by JW
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-03-29 10:03:02 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description JW 2006-03-02 05:34:02 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (compatible; MSIE 6.0; Windows; U; AIIEEEE!; Win98; Windows 98; en-US; Gecko masquerading as IE; should it matter?; rv:1.8b) Gecko/20050217

Description of problem:
If you configure httpd to use suexec module, and you configure a directory with "Options FollowSymLinks", then suexec follows the symlink ok but then it does a realpath() (or whatever) and then complains that the symlink target doesn't live in the "docroot".

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1.create a symlink in user ~/public_html/cgi-bin dir to file in any location
2.configure httpd.conf to have above directory have "Options FollowSymLinks" and "ExecCGI"
3.Open broser and execute the cgi


Actual Results:  In /var/log/suexec.log:
command not in docroot (/home/USER/REALPATH/file)

Expected Results:  Should have worked properly

Additional info:

This behaviouuur is quite unlike the behaviouuur in non-suexec locations like /var/www/cgi-bin where followed symlinks can be anywhere outside of so-called docroot.  Since a user is totally constrained as to where they can create a file with a symlink to it, it is pointless for a program like suexec to say otherwise.
Comment 1 Christian Iseli 2007-01-19 19:51:11 EST
This report targets the FC3 or FC4 products, which have now been EOL'd.

Could you please check that it still applies to a current Fedora release, and
either update the target product or close it ?

Comment 2 JW 2007-01-19 20:03:52 EST
Reassigned because Christian Iseli should either contribute positively to this
bug report else leave it alone.
Comment 3 Joe Orton 2007-03-29 10:03:02 EDT
This behaviour is the intent of the suexec security model; it ensures that
directory really does lie within the userdir docroot (~/public_html).  You can
always hard-link files into the public_html if you want.

Note You need to log in before you can comment on or make changes to this bug.