Bug 74098 - su gets docroot wrong in virtual hosts
Status: CLOSED WONTFIX
Product: Red Hat Linux
Classification: Retired
Component: apache
7.2
All Linux
medium Severity medium
Assigned To: Joe Orton
Brian Brock
Reported: 2002-09-16 00:42 EDT by Need Real Name
Modified: 2007-04-18 12:46 EDT (History)
Last Closed: 2004-09-21 06:41:34 EDT
Description Need Real Name 2002-09-16 00:42:08 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.9) Gecko/20020513

Description of problem:
I have a virtual host called cc in which I set user/group to cc/cc, valid user
accounts on my system.
In the virtualhost definition I set documentroot to an area outside the main
server's document root, and use scriptalias to specify cgi-bin directories.

I cannot run cgi from within CC's docroot (which I should be able to do) and I
can run cgi from within the master docroot (which I should not be able to).

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
Create a virtual host like this:

<VirtualHost 192.168.1.1>
    ServerAdmin webmaster@computerdatasafe.com.au
    DocumentRoot /var/ftp/pub/linux
    ServerName cc.computerdatasafe.com.au
    ServerAlias cc
    ScriptAlias /ks/ "/var/ftp/pub/linux/ks/"
    ScriptAlias /cgi-bin/ "/var/ftp/pub/linux/ks/"
    ScriptAlias /Cgi-bin/ /var/www/html/cgi-bin/
    ErrorLog logs/cc-error_log
    CustomLog logs/cc-access_log common
    user cc
    group cc
    <Directory "/var/ftp/pub/linux/ks">
        AllowOverride None
        Options ExecCGI FollowSymLinks
        Order allow,deny
        Allow from all
    </Directory>
</VirtualHost>

Create a normal user account cc:cc.

With that setup I expect to be able to fetch http://cc/ks/ks

Actual Results:  I cannot fetch http://cc/ks/ks
I can fetch http://cc/Cgi-bin/ks

Additional info:

Here are messages resulting from actually using testcgi:
[root@gw httpd]# tail -5 suexec_log cc-error_log cc-access_log
==> suexec_log <==
[2002-09-16 12:37:52]: info: (target/actual) uid: (cc/cc) gid: (cc/cc) cmd: testcgi
[2002-09-16 12:37:52]: error: target uid/gid (507/507) mismatch with directory (507/507) or program (0/0)
[2002-09-16 12:39:22]: info: (target/actual) uid: (cc/cc) gid: (cc/cc) cmd: testcgi
[2002-09-16 12:40:03]: info: (target/actual) uid: (cc/cc) gid: (cc/cc) cmd: testcgi
[2002-09-16 12:40:03]: error: command not in docroot (/var/ftp/pub/linux/ks/testcgi)

==> cc-error_log <==
[Mon Sep 16 11:58:52 2002] [error] [client 192.168.1.1] Premature end of script headers: /var/ftp/pub/linux/ks/testcgi
[Mon Sep 16 12:01:59 2002] [error] [client 192.168.1.1] script not found or unable to stat: /var/www/html/cgi-bin/testcgi
[Mon Sep 16 12:35:48 2002] [error] [client 192.168.1.1] Premature end of script headers: /var/www/html/cgi-bin/testcgi
[Mon Sep 16 12:37:52 2002] [error] [client 192.168.1.1] Premature end of script headers: /var/www/html/cgi-bin/testcgi
[Mon Sep 16 12:40:03 2002] [error] [client 192.168.1.1] Premature end of script headers: /var/ftp/pub/linux/ks/testcgi

==> cc-access_log <==
192.168.1.1 - - [16/Sep/2002:12:35:48 +0800] "GET /Cgi-bin/testcgi HTTP/1.0" 500 624
192.168.1.1 - - [16/Sep/2002:12:37:31 +0800] "GET /Cgi-bin/testcgi HTTP/1.0" 403 296
192.168.1.1 - - [16/Sep/2002:12:37:52 +0800] "GET /Cgi-bin/testcgi HTTP/1.0" 500 624
192.168.1.1 - - [16/Sep/2002:12:39:22 +0800] "GET /Cgi-bin/testcgi HTTP/1.0" 200 1524
192.168.1.1 - - [16/Sep/2002:12:40:03 +0800] "GET /ks/testcgi HTTP/1.0" 500 624
[root@gw httpd]#
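
The suexec_log excerpt in the report records two different suexec refusals. As an added example (not part of the original report and not Apache's own code), this Python sketch pairs each info line with an error logged at the same timestamp and names the check that refused the request. The pairing rule, the function names and the verdict labels are assumptions of the example.

```python
import re

# suexec_log lines copied from the report above (the wrapped line is re-joined).
SAMPLE_LOG = """\
[2002-09-16 12:37:52]: info: (target/actual) uid: (cc/cc) gid: (cc/cc) cmd: testcgi
[2002-09-16 12:37:52]: error: target uid/gid (507/507) mismatch with directory (507/507) or program (0/0)
[2002-09-16 12:39:22]: info: (target/actual) uid: (cc/cc) gid: (cc/cc) cmd: testcgi
[2002-09-16 12:40:03]: info: (target/actual) uid: (cc/cc) gid: (cc/cc) cmd: testcgi
[2002-09-16 12:40:03]: error: command not in docroot (/var/ftp/pub/linux/ks/testcgi)
"""

LINE = re.compile(r"^\[(?P<ts>[^\]]+)\]: (?P<level>info|error): (?P<msg>.*)$")
INFO = re.compile(r"uid: \((?P<user>[^/]+)/[^)]*\) gid: \((?P<group>[^/]+)/[^)]*\) cmd: (?P<cmd>\S+)")
MISMATCH = re.compile(r"target uid/gid \((\d+/\d+)\) mismatch with directory \((\d+/\d+)\) or program \((\d+/\d+)\)")
DOCROOT = re.compile(r"command not in docroot \((?P<path>[^)]+)\)")


def explain(msg):
    """Map a suexec error message to the check that rejected the request."""
    m = MISMATCH.search(msg)
    if m:
        target, directory, program = m.groups()
        # Whichever owner differs from the target uid/gid caused the refusal.
        wrong = [n for n, owner in (("directory", directory), ("program", program)) if owner != target]
        return "owner-mismatch", f"{' and '.join(wrong)} not owned by target {target}"
    m = DOCROOT.search(msg)
    if m:
        return "outside-docroot", f"{m['path']} is outside suexec's compiled-in docroot"
    return "other", msg


def triage(log_text):
    """Return one record per suexec invocation: allowed, or denied with the reason."""
    records = []
    for raw in log_text.splitlines():
        line = LINE.match(raw.strip())
        if line and line["level"] == "info":
            info = INFO.search(line["msg"])
            records.append({"ts": line["ts"], "cmd": info["cmd"] if info else None,
                            "user": info["user"] if info else None,
                            "verdict": "allowed", "reason": ""})
        # Assumption: an error with the same timestamp belongs to the preceding info line.
        elif line and records and records[-1]["ts"] == line["ts"]:
            records[-1]["verdict"], records[-1]["reason"] = explain(line["msg"])
    return records


if __name__ == "__main__":
    for rec in triage(SAMPLE_LOG):
        print(rec["ts"], rec["user"], rec["cmd"], rec["verdict"], rec["reason"])
```

suexec compares the command's location against a document root fixed when suexec was built, which is why the second refusal names a path that lies inside the virtual host's own DocumentRoot.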
Comment 1 Joe Orton 2004-09-21 06:41:34 EDT
Thanks for the report.  This is a mass bug update; since this release
of Red Hat Linux is no longer supported, please either:

a) try and reproduce the bug with a supported version of Red Hat
Enterprise Linux or Fedora Core, and re-open this bug as appropriate
after changing the Product field, or,

b) if relevant, try and reproduce this bug using the current version
of the upstream package, and report the bug upstream.
