Bring forward the suexec umask setting option from 1.3, and

	also fix some configure.in bits that would define macros
	that needed to be numbers as strings instead.

Obtained from:	Apache HTTP Server 1.3

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@88493 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index b5dcb8d6b98834748dd968c67b831785e33e79ce..f11056ad7a18d7153baad91ebd064f5aaa39d628 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,8 @@
 Changes with Apache 2.0.15-dev
 
+  *) Bring forward the --suexec-umask option which allows the
+     builder to preset the umask for suexec processes.  [Ken Coar]
+
   *) Add a -V flag to suexec, which causes it to display the
      compile-time settings with which it was built.  (Only
      usable by root or the AP_HTTPD_USER username.)  [Ken Coar]

diff --git a/configure.in b/configure.in
index d4f504cba1b792325ddbb734b3308c3f5f943319..0adceeea4859d72ec314a992100ecb01967ce10f 100644 (file)
--- a/configure.in
+++ b/configure.in
@@ -183,11 +183,11 @@ AC_ARG_WITH(suexec-docroot,
 
 AC_ARG_WITH(suexec-uidmin,
 [  --with-suexec-uidmin    Minimal allowed UID],[
-  AC_DEFINE_UNQUOTED(AP_UID_MIN, "$withval", [Minimal allowed UID] ) ] )
+  AC_DEFINE_UNQUOTED(AP_UID_MIN, $withval, [Minimum allowed UID] ) ] )
 
 AC_ARG_WITH(suexec-gidmin,
 [  --with-suexec-gidmin    Minimal allowed GID],[
-  AC_DEFINE_UNQUOTED(AP_GID_MIN, "$withval", [Minimal allowed GID] ) ] )
+  AC_DEFINE_UNQUOTED(AP_GID_MIN, $withval, [Minimum allowed GID] ) ] )
 
 AC_ARG_WITH(suexec-logfile,
 [  --with-suexec-logfile   Set the logfile],[
@@ -197,6 +197,10 @@ AC_ARG_WITH(suexec-safepath,
 [  --with-suexec-safepath  Set the safepath],[
   AC_DEFINE_UNQUOTED(AP_SAFE_PATH, "$withval", [safe shell path for SuExec] ) ] )
 
+AC_ARG_WITH(suexec-umask,
+[  --with-suexec-umask     umask for suexec'd process],[
+  AC_DEFINE_UNQUOTED(AP_SUEXEC_UMASK, 0$withval, [umask for suexec'd process] ) ] )
+
 dnl AP_LIB_DIRS specifies the additional libs from srclib/ that we need
 dnl AP_LIBS specifies the actual libraries. note we have some required libs.
 AP_LIBS="srclib/pcre/libpcre.la srclib/apr-util/libaprutil.la $AP_LIBS"

diff --git a/support/suexec.c b/support/suexec.c
index 882608ca6f066d4c23b17375471a56f709691250..8550ba9abefc33e916d2062a626a9154e4f5a279 100644 (file)
--- a/support/suexec.c
+++ b/support/suexec.c
@@ -301,11 +301,11 @@ int main(int argc, char *argv[])
 #ifdef AP_LOG_EXEC
         fprintf(stderr, " -D AP_LOG_EXEC=\"%s\"\n", AP_LOG_EXEC);
 #endif
-#ifdef SAFE_PATH
-        fprintf(stderr, " -D SAFE_PATH=\"%s\"\n", SAFE_PATH);
+#ifdef AP_SAFE_PATH
+        fprintf(stderr, " -D AP_SAFE_PATH=\"%s\"\n", AP_SAFE_PATH);
 #endif
-#ifdef SUEXEC_UMASK
-        fprintf(stderr, " -D SUEXEC_UMASK=%03o\n", SUEXEC_UMASK);
+#ifdef AP_SUEXEC_UMASK
+        fprintf(stderr, " -D AP_SUEXEC_UMASK=%03o\n", AP_SUEXEC_UMASK);
 #endif
 #ifdef AP_UID_MIN
         fprintf(stderr, " -D AP_UID_MID=%d\n", AP_UID_MIN);
@@ -580,6 +580,16 @@ int main(int argc, char *argv[])
        exit(121);
     }
 
+#ifdef AP_SUEXEC_UMASK
+    /*
+     * umask() uses inverse logic; bits are CLEAR for allowed access.
+     */
+    if ((~AP_SUEXEC_UMASK) & 0022) {
+        log_err("notice: AP_SUEXEC_UMASK of %03o allows "
+                "write permission to group and/or other\n", AP_SUEXEC_UMASK);
+    }
+    umask(AP_SUEXEC_UMASK);
+#endif /* AP_SUEXEC_UMASK */
     clean_env();
 
     /*