cvs commit: apachen/src CHANGES

1997-12-14 Thread dgaudet
dgaudet 97/12/14 12:49:50

  Modified:src  CHANGES
  Log:
  note about pr 1319
  
  Revision  ChangesPath
  1.529 +2 -0  apachen/src/CHANGES
  
  Index: CHANGES
  ===
  RCS file: /export/home/cvs/apachen/src/CHANGES,v
  retrieving revision 1.528
  retrieving revision 1.529
  diff -u -r1.528 -r1.529
  --- CHANGES   1997/12/14 14:53:45 1.528
  +++ CHANGES   1997/12/14 20:49:48 1.529
  @@ -1,5 +1,7 @@
   Changes with Apache 1.3b4
   
  +  *) "RedirectMatch gone /" would cause a SIGSEGV. [Dean Gaudet] PR#1319
  +
 *) WIN32: avoid overflows during file canonicalisations.
[EMAIL PROTECTED] #PR1378
   
  
  
  


cvs commit: apachen/src/modules/standard mod_alias.c

1997-12-14 Thread dgaudet
dgaudet 97/12/14 12:48:56

  Modified:src/main alloc.c
   src/modules/standard mod_alias.c
  Log:
  Fix a SIGSEGV for "RedirectMatch gone /".  Fix a slight incompatibility
  introduced into pstrcat in rev 1.42.
  
  PR:   1319
  Reviewed by:  Ben Laurie, Martin Kraemer
  
  Revision  ChangesPath
  1.61  +1 -3  apachen/src/main/alloc.c
  
  Index: alloc.c
  ===
  RCS file: /export/home/cvs/apachen/src/main/alloc.c,v
  retrieving revision 1.60
  retrieving revision 1.61
  diff -u -r1.60 -r1.61
  --- alloc.c   1997/12/07 21:33:18 1.60
  +++ alloc.c   1997/12/14 20:48:54 1.61
  @@ -553,11 +553,9 @@
   
   /* Allocate the required string */
   
  -if (len == 0) {
  - return NULL;
  -}
   res = (char *) palloc(a, len + 1);
   cp = res;
  +*cp = '\0';
   
   /* Pass two --- copy the argument strings into the result space */
   
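Review bot: The removal of the `len == 0` early return changes pstrcat's contract — an empty result is now a non-NULL pointer to "" instead of NULL — but nothing in the hunk records this, and the pass-one length computation and the pass-two varargs copy loop both lie outside the hunk. Add a comment above the palloc call: `/* Always return a non-NULL, NUL-terminated string; an empty result is "" (mod_alias relies on this), never NULL. */`. The `*cp = '\0'` store only matters if pass two does not itself write a terminator when nothing is copied; say so, e.g. `/* terminate now so the len == 0 case is a valid "" even before pass two */`, so a later reader does not drop it as redundant. The cast on palloc's return value is unnecessary in C if palloc returns `void *`, but it matches the surrounding style.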
  
  
  
  1.27  +10 -4 apachen/src/modules/standard/mod_alias.c
  
  Index: mod_alias.c
  ===
  RCS file: /export/home/cvs/apachen/src/modules/standard/mod_alias.c,v
  retrieving revision 1.26
  retrieving revision 1.27
  diff -u -r1.26 -r1.27
  --- mod_alias.c   1997/10/22 20:30:13 1.26
  +++ mod_alias.c   1997/12/14 20:48:55 1.27
  @@ -297,10 +297,16 @@
   
if (p->regexp) {
if (!regexec(p->regexp, r->uri, p->regexp->re_nsub + 1, regm, 0)) {
  - found = pregsub(r->pool, p->real, r->uri,
  - p->regexp->re_nsub + 1, regm);
  - if (found && doesc) {
  - found = escape_uri(r->pool, found);
  + if (p->real) {
  + found = pregsub(r->pool, p->real, r->uri,
  + p->regexp->re_nsub + 1, regm);
  + if (found && doesc) {
  + found = escape_uri(r->pool, found);
  + }
  + }
  + else {
  + /* need something non-null */
  + found = pstrdup(r->pool, "");
}
}
}
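Review bot: The comment `/* need something non-null */` says what but not why; the reader must infer that the caller of this lookup (outside the hunk) treats a NULL result as "no alias matched", so a `RedirectMatch gone` entry — which has no target URL and therefore `p->real == NULL` — would otherwise never produce its status. Suggest `/* No target URL (e.g. "RedirectMatch gone"): hand back an empty string so the caller still sees a match; NULL here means "no match" */`. The non-regex branch of this function is also outside the hunk; if it builds `found` from `p->real` too, it needs either the same NULL guard or a comment stating that it relies on pstrcat's handling of a NULL first argument.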
  
  
  


cvs commit: apachen/src/os/win32 .cvsignore

1997-12-14 Thread ben
ben 97/12/14 07:13:26

  Modified:src/os/win32 .cvsignore
  Log:
  Get up to date.
  
  Revision  ChangesPath
  1.5   +2 -0  apachen/src/os/win32/.cvsignore
  
  Index: .cvsignore
  ===
  RCS file: /export/home/cvs/apachen/src/os/win32/.cvsignore,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- .cvsignore1997/08/17 13:03:31 1.4
  +++ .cvsignore1997/12/14 15:13:26 1.5
  @@ -21,3 +21,5 @@
   ApacheModuleStatusR
   ApacheModuleUserTrackD
   ApacheModuleUserTrackR
  +ApacheOSR
  +ApacheOSD
  
  
  


cvs commit: apachen/src/os/win32 util_win32.c

1997-12-14 Thread ben
ben 97/12/14 06:53:48

  Modified:src  CHANGES
   src/os/win32 util_win32.c
  Log:
  Fix buffer overflow problem.
  PR: 1378
  Submitted by: [EMAIL PROTECTED]
  Reviewed by:  Ben Laurie
  
  Revision  ChangesPath
  1.528 +5 -1  apachen/src/CHANGES
  
  Index: CHANGES
  ===
  RCS file: /export/home/cvs/apachen/src/CHANGES,v
  retrieving revision 1.527
  retrieving revision 1.528
  diff -u -r1.527 -r1.528
  --- CHANGES   1997/12/14 14:39:35 1.527
  +++ CHANGES   1997/12/14 14:53:45 1.528
  @@ -1,7 +1,10 @@
   Changes with Apache 1.3b4
   
  +  *) WIN32: avoid overflows during file canonicalisations.
  + [EMAIL PROTECTED] #PR1378
  +
 *) WIN32: set_file_slot() didn't detect absolute paths. [Ben Laurie]
  - PR#1511
  + PR#1511, 1508
   
 *) WIN32: mod_status display header didn't match fields. [Ben Laurie]
   
  @@ -23,6 +26,7 @@
[Ben Hyde] PR#1387
   
 *) WIN32: Only lowercase the part of the path that is real. [Ben Laurie]
  + PR#1505
   
 *) Fix problems with timeouts in inetd mode and -X mode.  [Dean Gaudet]
   
  
  
  
  1.6   +2 -2  apachen/src/os/win32/util_win32.c
  
  Index: util_win32.c
  ===
  RCS file: /export/home/cvs/apachen/src/os/win32/util_win32.c,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- util_win32.c  1997/11/27 14:32:40 1.5
  +++ util_win32.c  1997/12/14 14:53:47 1.6
  @@ -7,7 +7,7 @@
   
   static void sub_canonical_filename(char *szCanon, const char *szFile)
   {
  -char buf[_MAX_PATH];
  +char buf[HUGE_STRING_LEN];
   int n;
   char *szFilePart;
   WIN32_FIND_DATA d;
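Review bot: Growing `buf` from `_MAX_PATH` to `HUGE_STRING_LEN` raises the overflow threshold but does not bound the writes into it: the body of sub_canonical_filename that fills `buf` and then `szCanon` is outside this hunk, and the function still receives `szCanon` with no size, so a szFile longer than the new limit overflows the stack exactly as the PR described (paths reaching this code may derive from request URIs). The durable fix is to give the callee the destination size, `static void sub_canonical_filename(char *szCanon, size_t nCanon, const char *szFile)`, and to check the length of every copy against `sizeof buf` / `nCanon` before writing, failing the call rather than truncating silently. At minimum add `/* NOTE: buf is a fixed upper bound, not a guarantee -- every copy below must be checked against sizeof buf */` above the declaration so the next reader does not take the larger size for a fix.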
  @@ -56,7 +56,7 @@
   
   API_EXPORT(char *) os_canonical_filename(pool *pPool, const char *szFile)
   {
  -char buf[_MAX_PATH];
  +char buf[HUGE_STRING_LEN];
   
   sub_canonical_filename(buf, szFile);
   return pstrdup(pPool, buf);
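Review bot: os_canonical_filename is API_EXPORT'd, so szFile can arrive from any module with no length guarantee, yet `sub_canonical_filename(buf, szFile)` passes neither `sizeof buf` nor any check that szFile fits; if the callee writes past HUGE_STRING_LEN, the pstrdup on the next line copies from a corrupted stack frame. A guard before the call, `if (strlen(szFile) >= sizeof buf) return NULL;`, would stop the worst case, though callers would then have to handle NULL (returning `pstrdup(pPool, szFile)` unchanged is the alternative); either way document the limit in a comment on the function. Whether canonicalisation can lengthen a path (expanding 8.3 short names, for example) is not visible here; if it can, the guard needs headroom rather than a simple equality test.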
  
  
  


cvs commit: apachen/src/main http_config.c

1997-12-14 Thread ben
ben 97/12/14 06:39:38

  Modified:src  CHANGES
   src/main http_config.c
  Log:
  Make set_file_slot() use os_is_path_absolute().
  PR: 1511
  
  Revision  ChangesPath
  1.527 +3 -0  apachen/src/CHANGES
  
  Index: CHANGES
  ===
  RCS file: /export/home/cvs/apachen/src/CHANGES,v
  retrieving revision 1.526
  retrieving revision 1.527
  diff -u -r1.526 -r1.527
  --- CHANGES   1997/12/14 14:26:11 1.526
  +++ CHANGES   1997/12/14 14:39:35 1.527
  @@ -1,5 +1,8 @@
   Changes with Apache 1.3b4
   
  +  *) WIN32: set_file_slot() didn't detect absolute paths. [Ben Laurie]
  + PR#1511
  +
 *) WIN32: mod_status display header didn't match fields. [Ben Laurie]
   
 *) The pthread_mutex_* functions return an error code, and don't
  
  
  
  1.88  +1 -1  apachen/src/main/http_config.c
  
  Index: http_config.c
  ===
  RCS file: /export/home/cvs/apachen/src/main/http_config.c,v
  retrieving revision 1.87
  retrieving revision 1.88
  diff -u -r1.87 -r1.88
  --- http_config.c 1997/11/29 05:51:52 1.87
  +++ http_config.c 1997/12/14 14:39:37 1.88
  @@ -877,7 +877,7 @@
  so the server can be moved or mirrored with less pain.  */
   char *p;
   int offset = (int) cmd->info;
  -if (*arg == '/')
  +if (os_is_path_absolute(arg))
p = pstrdup(cmd->pool, arg);
   else
p = make_full_path(cmd->pool, server_root, arg);
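Review bot: The new `os_is_path_absolute(arg)` test carries no comment explaining why it replaced `*arg == '/'`; add `/* Use the OS predicate: on Win32 an absolute path may be "C:\..." or "\\server\...", which the old '/' test treated as relative and wrongly prefixed with ServerRoot (PR#1511) */`. On Unix this presumably stays equivalent to the old check; if os_is_path_absolute also accepts a leading backslash or drive letter in Unix builds, that would be a behaviour change for config values and is worth ruling out. set_file_slot's body begins before this hunk.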
  
  
  


cvs commit: apachen/src/modules/standard mod_status.c

1997-12-14 Thread ben
ben 97/12/14 06:26:13

  Modified:src  CHANGES
   src/modules/standard mod_status.c
  Log:
  Correct header for Win32.
  
  Revision  ChangesPath
  1.526 +2 -0  apachen/src/CHANGES
  
  Index: CHANGES
  ===
  RCS file: /export/home/cvs/apachen/src/CHANGES,v
  retrieving revision 1.525
  retrieving revision 1.526
  diff -u -r1.525 -r1.526
  --- CHANGES   1997/12/12 08:09:17 1.525
  +++ CHANGES   1997/12/14 14:26:11 1.526
  @@ -1,5 +1,7 @@
   Changes with Apache 1.3b4
   
  +  *) WIN32: mod_status display header didn't match fields. [Ben Laurie]
  +
 *) The pthread_mutex_* functions return an error code, and don't
set errno.  [Igor Tatarinov <[EMAIL PROTECTED]>]
   
  
  
  
  1.67  +1 -1  apachen/src/modules/standard/mod_status.c
  
  Index: mod_status.c
  ===
  RCS file: /export/home/cvs/apachen/src/modules/standard/mod_status.c,v
  retrieving revision 1.66
  retrieving revision 1.67
  diff -u -r1.66 -r1.67
  --- mod_status.c  1997/10/22 20:30:30 1.66
  +++ mod_status.c  1997/12/14 14:26:13 1.67
  @@ -429,7 +429,7 @@
if (no_table_report)
rputs("Server Details\n\n", r);
else
  -#ifdef __EMX__
  +#ifdef NO_TIMES
/* Allow for OS/2 not having CPU stats */
rputs("\n\nSrvPIDAccM\nSSReqConnChildSlotHostVHostRequest\n\n",
 r);
   #else
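Review bot: The comment `/* Allow for OS/2 not having CPU stats */` is now stale: the guard is `NO_TIMES`, which per the commit message also covers Win32, so the comment should name the condition rather than one platform, e.g. `/* Platforms without process CPU accounting (NO_TIMES: OS/2, Win32) get a header without the CPU column */`. The `#else` branch carrying the full header is outside the hunk; since the bug being fixed was a header that did not match the per-row fields, the row-emitting code should be checked to use the same `NO_TIMES` guard so the two cannot drift apart again.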
  
  
  


cvs commit: apache-site related_projects.html

1997-12-14 Thread brian
brian   97/12/13 19:13:04

  Modified:.related_projects.html
  Log:
  Fixed name of Java-Apache project
  
  Revision  ChangesPath
  1.13  +1 -1  apache-site/related_projects.html
  
  Index: related_projects.html
  ===
  RCS file: /export/home/cvs/apache-site/related_projects.html,v
  retrieving revision 1.12
  retrieving revision 1.13
  diff -u -r1.12 -r1.13
  --- related_projects.html 1997/12/03 07:28:03 1.12
  +++ related_projects.html 1997/12/14 03:13:04 1.13
  @@ -153,7 +153,7 @@
   
   
   For more information check out the http://java.apache.org/";>
  -JSDK/Apache site.
  +Java-Apache site.
   
   
   
  
  
  


cvs commit: apache-site in_the_news.html

1997-12-14 Thread brian
brian   97/12/13 18:59:43

  Modified:.in_the_news.html
  Log:
  add blurb from SJ Merc.
  
  Revision  ChangesPath
  1.20  +12 -0 apache-site/in_the_news.html
  
  Index: in_the_news.html
  ===
  RCS file: /export/home/cvs/apache-site/in_the_news.html,v
  retrieving revision 1.19
  retrieving revision 1.20
  diff -u -r1.19 -r1.20
  --- in_the_news.html  1997/12/01 21:37:23 1.19
  +++ in_the_news.html  1997/12/14 02:59:42 1.20
  @@ -20,6 +20,18 @@
   
   
   
  +San Jose Mercury News, December 12th 1997
  +http://www1.sjmercury.com/columnists/gillmor/docs/dg121297.htm";>
  +There's money to be made in freeware
  +
  +
  +  If some cosmic force caused all of the free software at work on
  +  today's Internet to suddenly stop running, major portions of the Net
  +  would come to a grinding halt -- because free software, sometimes
  +  called freeware, is at the heart of the action.
  +
  +
  +
   BYTE Magazine, December 1997 issue
   http://www.byte.com/art/9712/sec8/art1.htm";>
   The Value of Free Software
  
  
  


cvs commit: apachen/htdocs/manual/mod mod_access.html

1997-12-14 Thread dgaudet
dgaudet 97/12/13 17:15:44

  Modified:htdocs/manual/mod mod_access.html
  Log:
  Correct two incorrect examples.  Describe what each example does.
  
  PR:   1544
  Submitted by: Dan Astoorian <[EMAIL PROTECTED]>
  Reviewed by:  Dean Gaudet
  
  Revision  ChangesPath
  1.12  +15 -11apachen/htdocs/manual/mod/mod_access.html
  
  Index: mod_access.html
  ===
  RCS file: /export/home/cvs/apachen/htdocs/manual/mod/mod_access.html,v
  retrieving revision 1.11
  retrieving revision 1.12
  diff -u -r1.11 -r1.12
  --- mod_access.html   1997/12/14 01:07:37 1.11
  +++ mod_access.html   1997/12/14 01:15:43 1.12
  @@ -94,11 +94,13 @@
   
   BrowserMatch ^KnockKnock/2.0 let_me_in
   
  -order allow,deny
  -allow from env=let_me_in
  -deny from all
  +order deny,allow
  +deny from all
  +allow from env=let_me_in
   
   
  +In this case browsers with the user-agent string KnockKnock/2.0 will
  +be allowed access, and all others will be denied.
   
   See also deny from env
   and order.
  @@ -167,11 +169,13 @@
   
   BrowserMatch ^BadRobot/0.9 go_away
   
  -order deny,allow
  -deny from env=go_away
  -allow from all
  +order allow,deny
  +allow from all
  +deny from env=go_away
   
   
  +In this case browsers with the user-agent string BadRobot/0.9 will
  +be denied access, and all others will be allowed.
   
   
   See also allow from env
  @@ -206,16 +210,16 @@
   on the deny list are granted access.  (The initial state is irrelevant.)
   
   
  -Note that in all cases every allow and deny
  -statement is evaluated, there is no "short-circuiting".
  +Note that in all cases every allow and deny
  +statement is evaluated, there is no "short-circuiting".
   
   
   Example:
   
   
  -order deny,allow
  -deny from all
  -allow from .ncsa.uiuc.edu
  +order deny,allow
  +deny from all
  +allow from .ncsa.uiuc.edu
   
   
   Hosts in the ncsa.uiuc.edu domain are allowed access; all other hosts are
  
  
  


cvs commit: apachen/htdocs/manual/mod mod_access.html

1997-12-14 Thread dgaudet
dgaudet 97/12/13 17:07:38

  Modified:htdocs/manual/mod mod_access.html
  Log:
  Note that the CIDR syntaxes are for 1.3 and later.
  
  PR:   1534
  
  Revision  ChangesPath
  1.11  +4 -4  apachen/htdocs/manual/mod/mod_access.html
  
  Index: mod_access.html
  ===
  RCS file: /export/home/cvs/apachen/htdocs/manual/mod/mod_access.html,v
  retrieving revision 1.10
  retrieving revision 1.11
  diff -u -r1.10 -r1.11
  --- mod_access.html   1997/07/30 18:41:47 1.10
  +++ mod_access.html   1997/12/14 01:07:37 1.11
  @@ -53,10 +53,10 @@
   An IP address of a host allowed access
   A partial IP address
   The first 1 to 3 bytes of an IP address, for subnet restriction.
  -A network/netmask pair
  +A network/netmask pair (Apache 1.3 and later)
   A network a.b.c.d, and a netmask w.x.y.z.  For more fine-grained subnet
   restriction.  (i.e. 10.1.0.0/255.255.0.0)
  -A network/nnn CIDR specification
  +A network/nnn CIDR specification (Apache 1.3 and later)
   Similar to the previous case, except the netmask consists of nnn 
   high-order 1 bits.  (i.e. 10.1.0.0/16 is the same as 
10.1.0.0/255.255.0.0)
   
  @@ -127,10 +127,10 @@
   An IP address of a host denied access
   A partial IP address
   The first 1 to 3 bytes of an IP address, for subnet restriction.
  -A network/netmask pair
  +A network/netmask pair (Apache 1.3 and later)
   A network a.b.c.d, and a netmask w.x.y.z.  For more fine-grained subnet
   restriction.  (i.e. 10.1.0.0/255.255.0.0)
  -A network/nnn CIDR specification
  +A network/nnn CIDR specification (Apache 1.3 and later)
   Similar to the previous case, except the netmask consists of nnn 
   high-order 1 bits.  (i.e. 10.1.0.0/16 is the same as 
10.1.0.0/255.255.0.0)
   
  
  
  


cvs commit: apachen/htdocs/manual/mod core.html

1997-12-14 Thread dgaudet
dgaudet 97/12/13 17:04:57

  Modified:htdocs/manual/mod core.html
  Log:
  The port documentation was a little unclear on its overlap with the Listen
  directive.
  
  PR:   975
  
  Revision  ChangesPath
  1.87  +3 -1  apachen/htdocs/manual/mod/core.html
  
  Index: core.html
  ===
  RCS file: /export/home/cvs/apachen/htdocs/manual/mod/core.html,v
  retrieving revision 1.86
  retrieving revision 1.87
  diff -u -r1.86 -r1.87
  --- core.html 1997/12/14 00:57:45 1.86
  +++ core.html 1997/12/14 01:04:56 1.87
  @@ -1272,7 +1272,9 @@
   
   In the absence of any Listen or
   BindAddress directives specifying a port number,
  -the Port directive sets the network port on which the server listens.
  +a Port directive given in the "main server"
  +(i.e. outside any  section)
  +sets the network port on which the server listens.
   If there are any Listen or BindAddress directives specifying
   :number then Port has no effect on what address the server
   listens at.
  
  
  


cvs commit: apachen/htdocs/manual/mod core.html mod_log_config.html

1997-12-14 Thread dgaudet
dgaudet 97/12/13 16:57:47

  Modified:htdocs/manual/misc security_tips.html
   htdocs/manual/mod core.html mod_log_config.html
  Log:
  More tweaks related to serverroot/logs/etc.
  
  Revision  ChangesPath
  1.12  +6 -2  apachen/htdocs/manual/misc/security_tips.html
  
  Index: security_tips.html
  ===
  RCS file: /export/home/cvs/apachen/htdocs/manual/misc/security_tips.html,v
  retrieving revision 1.11
  retrieving revision 1.12
  diff -u -r1.11 -r1.12
  --- security_tips.html1997/12/14 00:49:19 1.11
  +++ security_tips.html1997/12/14 00:57:44 1.12
  @@ -62,8 +62,12 @@
   If you allow non-root users to modify any files that root either
   executes or writes on then you open your system to root compromises.
   For example, someone could replace the httpd binary so that the next
  -time you start it, it will execute some arbitrary code.  Or someone
  -could overwrite the logs with arbitrary data.
  +time you start it, it will execute some arbitrary code.  If the logs
  +directory is writeable (by a non-root user), someone
  +could replace a log file with a symlink to some other system file,
  +and then root might overwrite that file with arbitrary data.  If the
  +log files themselves are writeable (by a non-root user), then someone
  +may be able to overwrite the log itself with bogus data.
   
   
   Server Side Includes
  
  
  
  1.86  +15 -7 apachen/htdocs/manual/mod/core.html
  
  Index: core.html
  ===
  RCS file: /export/home/cvs/apachen/htdocs/manual/mod/core.html,v
  retrieving revision 1.85
  retrieving revision 1.86
  diff -u -r1.85 -r1.86
  --- core.html 1997/11/15 00:16:48 1.85
  +++ core.html 1997/12/14 00:57:45 1.86
  @@ -570,7 +570,7 @@
   ErrorLog /dev/null
   This effectively turns off error logging.
   
  -SECURITY: See the security tips
  +SECURITY: See the security 
tips
   document for details on why your security could be compromised if
   the directory where logfiles are stored is writable by anyone other
   than the user that starts the server.
  @@ -1025,9 +1025,12 @@
   Apache is compiled with either USE_FCNTL_SERIALIZED_ACCEPT or
   USE_FLOCK_SERIALIZED_ACCEPT.  This directive should normally be
   left at its default value.  The main reason for changing it is if
  -the logs directory is NFS mounted, since the lockfile
  -should be stored on a local disk if possible.  The PID of the main
  -server process is automatically appended to the filename.
  +the logs directory is NFS mounted, since the lockfile
  +must be stored on a local disk.  The PID of the main
  +server process is automatically appended to the filename. 
  +
  +The LockFile is subject to the same warnings about log file placement and
  +security.
   
   
   
  @@ -1245,7 +1248,7 @@
   signal to the process id listed in the PidFile.
   
   The PidFile is subject to the same warnings about log file placement and
  -security.
  +security.
   
   
   
  @@ -1569,8 +1572,13 @@
   The ServerRoot directive sets the directory in which the server lives.
   Typically it will contain the subdirectories conf/ and
   logs/. Relative paths for other configuration files are taken
  -as relative to this directory.
  -See also the -d option to 
httpd.
  +as relative to this directory.
  +
  +See also the -d option to 
httpd.
  +See also the security 
tips
  +for information on how to properly set permissions on the ServerRoot.
  +
  +
   
   ServerType directive
   
  
  
  
  1.20  +4 -4  apachen/htdocs/manual/mod/mod_log_config.html
  
  Index: mod_log_config.html
  ===
  RCS file: /export/home/cvs/apachen/htdocs/manual/mod/mod_log_config.html,v
  retrieving revision 1.19
  retrieving revision 1.20
  diff -u -r1.19 -r1.20
  --- mod_log_config.html   1997/09/12 14:50:47 1.19
  +++ mod_log_config.html   1997/12/14 00:57:46 1.20
  @@ -173,10 +173,10 @@
   
   Security Considerations
   
  -See the security tips document
  -for details on why your security could be compromised if the directory
  -where logfiles are stored is writable by anyone other than the user
  -that starts the server.
  +See the security tips
  +document for details on why your security could be compromised if the
  +directory where logfiles are stored is writable by anyone other than
  +the user that starts the server.
   
   Directives
   
  
  
  


cvs commit: apachen/htdocs/manual/misc security_tips.html

1997-12-14 Thread dgaudet
dgaudet 97/12/13 16:49:20

  Modified:htdocs/manual install.html
   htdocs/manual/misc security_tips.html
  Removed: htdocs/manual install_1_1.html
  Log:
  We talk about a "proper installation" occasionally... and assume folks know
  how to set the perms on the serverroot.  But I don't think we document it
  anywhere.  Nowhere that's easily found direct from the "how to install"
  page.  Document it better, link to it.  Remove the install_1_1 docs.
  Update a 1.2 reference to 1.3.
  
  Revision  ChangesPath
  1.18  +4 -5  apachen/htdocs/manual/install.html
  
  Index: install.html
  ===
  RCS file: /export/home/cvs/apachen/htdocs/manual/install.html,v
  retrieving revision 1.17
  retrieving revision 1.18
  diff -u -r1.17 -r1.18
  --- install.html  1997/11/25 09:47:47 1.17
  +++ install.html  1997/12/14 00:49:18 1.18
  @@ -14,10 +14,7 @@
   >
   
   
  -Compiling and Installing Apache 1.2
  -
  -If you wish to download and install an earlier version of Apache please
  -read Compiling and Installing Apache 1.1.
  +Compiling and Installing Apache 1.3
   
   UnixWare users will want to consult build notes
   for various UnixWare versions before compiling.
  @@ -128,7 +125,9 @@
   designed to be configured and run from the same set of directories
   where it is compiled. If you want to run it from somewhere else, make
   a directory and copy the conf, logs and
  -icons directories into it.  
  +icons directories into it.  In either case you should
  +read the security tips
  +describing how to set the permissions on the server root directory.
   
   The next step is to edit the configuration files for the server. This
   consists of setting up various directives in up to three
  
  
  
  1.11  +42 -10apachen/htdocs/manual/misc/security_tips.html
  
  Index: security_tips.html
  ===
  RCS file: /export/home/cvs/apachen/htdocs/manual/misc/security_tips.html,v
  retrieving revision 1.10
  retrieving revision 1.11
  diff -u -r1.10 -r1.11
  --- security_tips.html1997/07/06 17:19:07 1.10
  +++ security_tips.html1997/12/14 00:49:19 1.11
  @@ -22,16 +22,48 @@
   
   
   
  -Permissions on Log File Directories
  -When Apache starts, it opens the log files as the user who started the
  -server before switching to the user defined in the
  -User directive.  Anyone who
  -has write permission for the directory where any log files are
  -being written to can append pseudo-arbitrary data to any file on the
  -system which is writable by the user who starts Apache.  Since the
  -server is normally started by root, you should NOT give anyone
  -write permission to the directory where logs are stored unless you
  -want them to have root access.
  +
  +Permissions on ServerRoot Directories
  +In typical operation, Apache is started by the root
  +user, and it switches to the user defined by the User directive to serve hits.
  +As is the case with any command that root executes, you must take care
  +that it is protected from modification by non-root users.  Not only
  +must the files themselves be writeable only by root, but so must the
  +directories, and parents of all directories.  For example, if you
  +choose to place ServerRoot in /usr/local/apache then it is
  +suggested that you create that directory as root, with commands
  +like these:
  +
  +
  +mkdir /usr/local/apache
  +cd /usr/local/apache
  +mkdir bin conf logs
  +chown 0 . bin conf logs
  +chgrp 0 . bin conf logs
  +chmod 755 . bin conf logs
  +
  +
  +It is assumed that /, /usr, and /usr/local are only modifiable by root.
  +When you install the httpd executable, you should ensure that it is
  +similarly protected:
  +
  +
  +cp httpd /usr/local/apache/bin
  +chown 0 /usr/local/apache/bin/httpd
  +chgrp 0 /usr/local/apache/bin/httpd
  +chmod 511 /usr/local/apache/bin/httpd
  +
  +
  +You can create an htdocs subdirectory which is modifiable by other
  +users -- since root never executes any files out of there, and shouldn't
  +be creating files in there.
  +
  +If you allow non-root users to modify any files that root either
  +executes or writes on then you open your system to root compromises.
  +For example, someone could replace the httpd binary so that the next
  +time you start it, it will execute some arbitrary code.  Or someone
  +could overwrite the logs with arbitrary data.
   
   
   Server Side Includes