Only let the apache user execute the fpexe stub. Remove a bogus

check in mod_frontpage.c Requested by: nectar
svn path=/head/; revision=54243
2002-02-05 17:25:08 +00:00 · 2002-02-05 17:25:08 +00:00 · 51054622e6 · 2021-03-31 03:12:20 +00:00
commit 51054622e6
parent 43b60cfe88
3 changed files with 54 additions and 0 deletions
--- a/www/mod_frontpage/files/patch-Makefile.PL
+++ b/www/mod_frontpage/files/patch-Makefile.PL
@ -0,0 +1,12 @@
+--- Makefile.PL	Sun Feb  3 12:20:53 2002
+++ Makefile.PL	Tue Feb  5 18:19:43 2002
+@@ -110,7 +110,8 @@
+ $_=~ s|\$\(install\)|$install|;
+ #$_=~ s|\$\(\)|$|;
+ #$_=~ s|\$\(\)|$|;
+-$_=~ s|\$\(fpexec_caller\)|$user|;
+$_=~ s|\$\(fpexec_uidcaller\)|$user|;
+$_=~ s|\$\(fpexec_gidcaller\)|$group|;
+ $_=~ s|\$\(fpexec_uidmin\)|$uid|;
+ $_=~ s|\$\(fpexec_gidmin\)|$gid|;
+ $_=~ s|\$\(fpexec_logexec\)|$errorlog|;
--- a/www/mod_frontpage/files/patch-Makefile.in
+++ b/www/mod_frontpage/files/patch-Makefile.in
@ -0,0 +1,29 @@
+--- Makefile.in	Mon Feb  4 21:19:21 2002
+++ Makefile.in	Tue Feb  5 18:19:23 2002
+@@ -16,7 +16,7 @@
+ DEF=	-DFPEXEC_BIN=\"$(fpexec_bin)\" \
+ 	-DFPSTATIC_BIN=\"$(fpstatic_bin)\"
+ 
+-DEF2=	-DFP_HTTPD_USER=\"$(fpexec_caller)\" \
+DEF2=	-DFP_HTTPD_USER=\"$(fpexec_uidcaller)\" \
+ 	-DFP_UID_MIN=$(fpexec_uidmin) \
+ 	-DFP_GID_MIN=$(fpexec_gidmin) \
+ 	-DFP_LOG_EXEC=\"$(fpexec_logexec)\" \
+@@ -49,14 +49,10 @@
+ #   and activate it in the Apache configuration
+ install: all
+ 	$(APXS) -i -a -n 'frontpage' mod_frontpage.so
+-	$(install) fpexec $(sbindir)/fpexec
+-	chown root.root $(sbindir)/fpexec
+-	chmod 4711 $(sbindir)/fpexec
+-	$(install) fpstatic $(sbindir)/fpstatic
+-	chown root.root $(sbindir)/fpstatic
+-	chmod 755 $(sbindir)/fpstatic
+	$(install) -m 4550 -o root -g $(fpexec_gidcaller) fpexec $(sbindir)/fpexec
+	$(install) -m 0555 -o root -g $(fpexec_gidcaller) fpstatic $(sbindir)/fpstatic
+ 	touch $(fpexec_logexec)
+-	chown $(fpexec_caller) $(fpexec_logexec)
+	chown $(fpexec_uidcaller) $(fpexec_logexec)
+ 
+ #   cleanup
+ clean:
--- a/www/mod_frontpage/files/patch-mod_frontpage.c
+++ b/www/mod_frontpage/files/patch-mod_frontpage.c
@ -0,0 +1,13 @@
+--- mod_frontpage.c	Tue Feb  5 13:56:31 2002
+++ mod_frontpage.c	Tue Feb  5 18:01:27 2002
+@@ -491,10 +491,6 @@
+ 		return log_scripterror (r, c, FORBIDDEN, APLOG_ERR|APLOG_NOERRNO,
+ 		    "fpEXEC stub writable by group or others");
+ 	}
+-	if (!(r->finfo.st_mode & S_IXOTH)) {
+-		return log_scripterror (r, c, FORBIDDEN, APLOG_ERR|APLOG_NOERRNO,
+-		    "fpEXEC stub not executable by others");
+-	}
+ 	if (((r->finfo.st_mode & S_ISGID))
+ 	&&  (r->finfo.st_gid != 0)) {
+ 		return log_scripterror (r, c, FORBIDDEN, APLOG_ERR|APLOG_NOERRNO,