diff options
| author | mbr <mbr@FreeBSD.org> | 2002-02-06 01:25:08 +0800 |
|---|---|---|
| committer | mbr <mbr@FreeBSD.org> | 2002-02-06 01:25:08 +0800 |
| commit | 626c480fbd10a27e40956946228d56deb06289df (patch) | |
| tree | a4c3d13d98088d721ff93ade25e4049a886718f5 /www/mod_frontpage | |
| parent | 76680acbc3bfccc0a2bac59c9c1d8790c1846ce5 (diff) | |
| download | freebsd-ports-gnome-626c480fbd10a27e40956946228d56deb06289df.tar.gz freebsd-ports-gnome-626c480fbd10a27e40956946228d56deb06289df.tar.zst freebsd-ports-gnome-626c480fbd10a27e40956946228d56deb06289df.zip | |
Only let the apache user execute the fpexe stub. Remove a bogus
check in mod_frontpage.c
Requested by: nectar
Diffstat (limited to 'www/mod_frontpage')
| -rw-r--r-- | www/mod_frontpage/files/patch-Makefile.PL | 12 | ||||
| -rw-r--r-- | www/mod_frontpage/files/patch-Makefile.in | 29 | ||||
| -rw-r--r-- | www/mod_frontpage/files/patch-mod_frontpage.c | 13 |
3 files changed, 54 insertions, 0 deletions
diff --git a/www/mod_frontpage/files/patch-Makefile.PL b/www/mod_frontpage/files/patch-Makefile.PL new file mode 100644 index 000000000000..59faa42dcaa7 --- /dev/null +++ b/www/mod_frontpage/files/patch-Makefile.PL @@ -0,0 +1,12 @@ +--- Makefile.PL Sun Feb 3 12:20:53 2002 ++++ Makefile.PL Tue Feb 5 18:19:43 2002 +@@ -110,7 +110,8 @@ + $_=~ s|\$\(install\)|$install|; + #$_=~ s|\$\(\)|$|; + #$_=~ s|\$\(\)|$|; +-$_=~ s|\$\(fpexec_caller\)|$user|; ++$_=~ s|\$\(fpexec_uidcaller\)|$user|; ++$_=~ s|\$\(fpexec_gidcaller\)|$group|; + $_=~ s|\$\(fpexec_uidmin\)|$uid|; + $_=~ s|\$\(fpexec_gidmin\)|$gid|; + $_=~ s|\$\(fpexec_logexec\)|$errorlog|; diff --git a/www/mod_frontpage/files/patch-Makefile.in b/www/mod_frontpage/files/patch-Makefile.in new file mode 100644 index 000000000000..3e4a3d6835b0 --- /dev/null +++ b/www/mod_frontpage/files/patch-Makefile.in @@ -0,0 +1,29 @@ +--- Makefile.in Mon Feb 4 21:19:21 2002 ++++ Makefile.in Tue Feb 5 18:19:23 2002 +@@ -16,7 +16,7 @@ + DEF= -DFPEXEC_BIN=\"$(fpexec_bin)\" \ + -DFPSTATIC_BIN=\"$(fpstatic_bin)\" + +-DEF2= -DFP_HTTPD_USER=\"$(fpexec_caller)\" \ ++DEF2= -DFP_HTTPD_USER=\"$(fpexec_uidcaller)\" \ + -DFP_UID_MIN=$(fpexec_uidmin) \ + -DFP_GID_MIN=$(fpexec_gidmin) \ + -DFP_LOG_EXEC=\"$(fpexec_logexec)\" \ +@@ -49,14 +49,10 @@ + # and activate it in the Apache configuration + install: all + $(APXS) -i -a -n 'frontpage' mod_frontpage.so +- $(install) fpexec $(sbindir)/fpexec +- chown root.root $(sbindir)/fpexec +- chmod 4711 $(sbindir)/fpexec +- $(install) fpstatic $(sbindir)/fpstatic +- chown root.root $(sbindir)/fpstatic +- chmod 755 $(sbindir)/fpstatic ++ $(install) -m 4550 -o root -g $(fpexec_gidcaller) fpexec $(sbindir)/fpexec ++ $(install) -m 0555 -o root -g $(fpexec_gidcaller) fpstatic $(sbindir)/fpstatic + touch $(fpexec_logexec) +- chown $(fpexec_caller) $(fpexec_logexec) ++ chown $(fpexec_uidcaller) $(fpexec_logexec) + + # cleanup + clean: diff --git a/www/mod_frontpage/files/patch-mod_frontpage.c b/www/mod_frontpage/files/patch-mod_frontpage.c new file mode 100644 index 000000000000..8e984a6b80c7 --- /dev/null +++ b/www/mod_frontpage/files/patch-mod_frontpage.c @@ -0,0 +1,13 @@ +--- mod_frontpage.c Tue Feb 5 13:56:31 2002 ++++ mod_frontpage.c Tue Feb 5 18:01:27 2002 +@@ -491,10 +491,6 @@ + return log_scripterror (r, c, FORBIDDEN, APLOG_ERR|APLOG_NOERRNO, + "fpEXEC stub writable by group or others"); + } +- if (!(r->finfo.st_mode & S_IXOTH)) { +- return log_scripterror (r, c, FORBIDDEN, APLOG_ERR|APLOG_NOERRNO, +- "fpEXEC stub not executable by others"); +- } + if (((r->finfo.st_mode & S_ISGID)) + && (r->finfo.st_gid != 0)) { + return log_scripterror (r, c, FORBIDDEN, APLOG_ERR|APLOG_NOERRNO, |