[1] | 1 | # scripts.mit.edu httpd suexec patch |
[103] | 2 | # Copyright (C) 2006 Jeff Arnold <jbarnold@mit.edu>, Joe Presbrey <presbrey@mit.edu> |
[1] | 3 | # |
| 4 | # This program is free software; you can redistribute it and/or |
| 5 | # modify it under the terms of the GNU General Public License |
| 6 | # as published by the Free Software Foundation; either version 2 |
| 7 | # of the License, or (at your option) any later version. |
| 8 | # |
| 9 | # This program is distributed in the hope that it will be useful, |
| 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 12 | # GNU General Public License for more details. |
| 13 | # |
| 14 | # You should have received a copy of the GNU General Public License |
| 15 | # along with this program; if not, write to the Free Software |
| 16 | # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA |
| 17 | # |
| 18 | # See /COPYRIGHT in this repository for more information. |
| 19 | # |
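--- a/httpd-2.2.2/support/Makefile.in
+++ b/httpd-2.2.2/support/Makefile.in
@@ -60,7 +60,7 @@
 
 suexec_OBJECTS = suexec.lo
 suexec: $(suexec_OBJECTS)
- $(LINK) $(suexec_OBJECTS)
+ $(LINK) -lselinux $(suexec_OBJECTS)
 
 htcacheclean_OBJECTS = htcacheclean.lo
 htcacheclean: $(htcacheclean_OBJECTS)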
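Review bot: `-lselinux` is placed before the object files on the `suexec:` link line, so a toolchain that links with `--as-needed` can discard the library before any object has referenced `setexeccon`, and the link then fails or silently drops the dependency. Libraries conventionally follow the objects that use them: `$(LINK) $(suexec_OBJECTS) -lselinux`. The patch also hardcodes the library rather than detecting it through configure, so the build breaks on hosts without libselinux headers; a comment above the rule stating that requirement would at least make the failure mode obvious.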
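--- a/httpd-2.2.2/support/suexec.c
+++ b/httpd-2.2.2/support/suexec.c
@@ -46,6 +46,7 @@
 #include <stdio.h>
 #include <stdarg.h>
 #include <stdlib.h>
+#include <selinux/selinux.h>
 
 #ifdef HAVE_PWD_H
 #include <pwd.h>
@@ -95,6 +96,7 @@
 {
 /* variable name starts with */
 "HTTP_",
+ "HTTPS_",
 "SSL_",
 
 /* variable name is */
@@ -140,6 +142,7 @@
 "UNIQUE_ID=",
 "USER_NAME=",
 "TZ=",
+ "PHPRC=",
 NULL
 };
 
@@ -450,7 +453,7 @@
 * Error out if attempt is made to execute as root or as
 * a UID less than AP_UID_MIN. Tsk tsk.
 */
- if ((uid == 0) || (uid < AP_UID_MIN)) {
+ if ((uid == 0) || (uid < AP_UID_MIN && uid != 102)) {
 log_err("cannot run as forbidden uid (%d/%s)\n", uid, cmd);
 exit(107);
 }
@@ -482,6 +485,17 @@
 log_err("failed to setuid (%ld: %s)\n", uid, cmd);
 exit(110);
 }
+ if (uid == 102) {
+ if (setexeccon("system_u:system_r:signup_t:s0") == -1) {
+ log_err("failed to setexeccon (%ld: %s) to signup_t\n", uid, cmd);
+ exit(201);
+ }
+ } else {
+ if (setexeccon("user_u:user_r:user_t:s0") == -1) {
+ log_err("failed to setexeccon (%ld: %s) to user_t\n", uid, cmd);
+ exit(202);
+ }
+ }
 
 /*
 * Get the current working directory, as well as the proper
@@ -513,6 +527,12 @@
 exit(113);
 }
 }
+ char *expected = malloc(strlen(target_homedir)+strlen(AP_USERDIR_SUFFIX)+1);
+ sprintf(expected, "%s/%s", target_homedir, AP_USERDIR_SUFFIX);
+ if ((strncmp(cwd, expected, strlen(expected))) != 0) {
+ log_err("error: file's directory not a subdirectory of user's home directory (%s, %s)\n", cwd, expected);
+ exit(114);
+ }
 
 if ((strncmp(cwd, dwd, strlen(dwd))) != 0) {
 log_err("command not in docroot (%s/%s)\n", cwd, cmd);
@@ -530,15 +550,17 @@
 /*
 * Error out if cwd is writable by others.
 */
+#if 0
 if ((dir_info.st_mode & S_IWOTH) || (dir_info.st_mode & S_IWGRP)) {
 log_err("directory is writable by others: (%s)\n", cwd);
 exit(116);
 }
+#endif
 
 /*
 * Error out if we cannot stat the program.
 */
- if (((lstat(cmd, &prg_info)) != 0) || (S_ISLNK(prg_info.st_mode))) {
+ if (((lstat(cmd, &prg_info)) != 0) /*|| (S_ISLNK(prg_info.st_mode))*/) {
 log_err("cannot stat program: (%s)\n", cmd);
 exit(117);
 }
@@ -546,10 +568,12 @@
 /*
 * Error out if the program is writable by others.
 */
+#if 0
 if ((prg_info.st_mode & S_IWOTH) || (prg_info.st_mode & S_IWGRP)) {
 log_err("file is writable by others: (%s/%s)\n", cwd, cmd);
 exit(118);
 }
+#endif
 
 /*
 * Error out if the file is setuid or setgid.
@@ -563,6 +587,7 @@
 * Error out if the target name/group is different from
 * the name/group of the cwd or the program.
 */
+#if 0
 if ((uid != dir_info.st_uid) ||
 (gid != dir_info.st_gid) ||
 (uid != prg_info.st_uid) ||
@@ -574,6 +599,7 @@
 prg_info.st_uid, prg_info.st_gid);
 exit(120);
 }
+#endif
 /*
 * Error out if the program is not executable for the user.
 * Otherwise, she won't find any error in the logs except for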
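Review bot: The home-directory containment check added in the `@@ -513` hunk is a bare `strncmp` prefix match against `expected`, so a sibling directory whose name merely begins with the expected path passes as if it were a subdirectory; building `expected` with a trailing `/` (`sprintf(expected, "%s/%s/", ...)`) or additionally requiring `cwd[strlen(expected)]` to be `'/'` or `'\0'` closes that gap. On the line above it the `malloc` result is handed straight to `sprintf` with no NULL check, which in a setuid helper should be an explicit `log_err`/`exit` path rather than a crash. The `#if 0` blocks in the later hunks disable the writable-by-others, symlink and ownership checks with no comment on what now compensates for them; a one-line comment above the first such block, such as `/* writability/ownership checks disabled here: confinement relies on the SELinux domain set by setexeccon above */`, would record the intent and make the dependency on a correct policy reviewable. The enclosing function continues outside every hunk in this section.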