-diff -urNp httpd-2.2.8.orig/support/suexec.c httpd-2.2.8/support/suexec.c
---- httpd-2.2.8.orig/support/suexec.c 2006-07-12 05:38:44.000000000 +0200
-+++ httpd-2.2.8/support/suexec.c 2008-05-13 21:04:25.000000000 +0200
-@@ -245,6 +245,21 @@ static void clean_env(void)
+--- httpd-2.4.4/support/suexec.c.orig 2012-12-03 17:33:42.000000000 +0100
++++ httpd-2.4.4/support/suexec.c 2013-03-07 23:13:29.312581994 +0100
+@@ -240,6 +240,21 @@
environ = cleanenv;
}
int main(int argc, char *argv[])
{
int userdir = 0; /* ~userdir flag */
-@@ -261,6 +276,7 @@ int main(int argc, char *argv[])
+@@ -255,6 +270,7 @@
char dwd[AP_MAXPATH]; /* docroot working directory */
struct passwd *pw; /* password entry holder */
struct group *gr; /* group entry holder */
struct stat dir_info; /* directory info holder */
struct stat prg_info; /* program info holder */
-@@ -270,6 +286,7 @@ int main(int argc, char *argv[])
- clean_env();
-
- prog = argv[0];
-+
- /*
- * Check existence/validity of the UID of the user
- * running this program. Error out if invalid.
-@@ -382,8 +399,23 @@ int main(int argc, char *argv[])
+@@ -375,8 +391,23 @@
}
else {
if ((pw = getpwuid(atoi(target_uname))) == NULL) {
+ * If called as suexec.fcgi ignore if there is no passwd
+ * entry for specified UID. Also bail out if UID = 0.
+ */
-+ if(!strcmp(base_pathname(prog),"suexec.fcgi")) {
++ if(!strcmp(base_pathname(argv[0]),"suexec.fcgi")) {
+ tpw.pw_name = strdup(target_uname);
+ tpw.pw_uid = atoi(target_uname);
+ tpw.pw_dir = (char *)"/tmp";
}
}
-@@ -560,20 +592,24 @@ int main(int argc, char *argv[])
+@@ -558,6 +589,7 @@
+ * Error out if the target name/group is different from
+ * the name/group of the cwd or the program.
+ */
++ if(strcmp(base_pathname(argv[0]),"suexec.fcgi")) {
+ if ((uid != dir_info.st_uid) ||
+ (gid != dir_info.st_gid) ||
+ (uid != prg_info.st_uid) ||
+@@ -569,6 +601,7 @@
+ (unsigned long)prg_info.st_uid, (unsigned long)prg_info.st_gid);
+ exit(120);
}
-
- /*
-- * Error out if the target name/group is different from
-- * the name/group of the cwd or the program.
-- */
-- if ((uid != dir_info.st_uid) ||
-- (gid != dir_info.st_gid) ||
-- (uid != prg_info.st_uid) ||
-- (gid != prg_info.st_gid)) {
-- log_err("target uid/gid (%ld/%ld) mismatch "
-- "with directory (%ld/%ld) or program (%ld/%ld)\n",
-- uid, gid,
-- dir_info.st_uid, dir_info.st_gid,
-- prg_info.st_uid, prg_info.st_gid);
-- exit(120);
-+ * If not called as suexec.fcgi error out if the target
-+ * name/group is different from the name/group of the cwd
-+ * or the program.
-+ */
-+ if(strcmp(base_pathname(prog),"suexec.fcgi")) {
-+ if ((uid != dir_info.st_uid) ||
-+ (gid != dir_info.st_gid) ||
-+ (uid != prg_info.st_uid) ||
-+ (gid != prg_info.st_gid)) {
-+ log_err("target uid/gid (%ld/%ld) mismatch "
-+ "with directory (%ld/%ld) or program (%ld/%ld)\n",
-+ uid, gid,
-+ dir_info.st_uid, dir_info.st_gid,
-+ prg_info.st_uid, prg_info.st_gid);
-+ exit(120);
-+ }
- }
-+
++ }
/*
* Error out if the program is not executable for the user.
* Otherwise, she won't find any error in the logs except for