---- httpd-2.4.4/support/suexec.c.orig 2012-12-03 17:33:42.000000000 +0100
-+++ httpd-2.4.4/support/suexec.c 2013-03-07 23:13:29.312581994 +0100
-@@ -240,6 +240,21 @@
+diff -urNp httpd-2.2.8.orig/support/suexec.c httpd-2.2.8/support/suexec.c
+--- httpd-2.2.8.orig/support/suexec.c 2006-07-12 05:38:44.000000000 +0200
++++ httpd-2.2.8/support/suexec.c 2008-05-13 21:04:25.000000000 +0200
+@@ -245,6 +245,21 @@ static void clean_env(void)
environ = cleanenv;
}
int main(int argc, char *argv[])
{
int userdir = 0; /* ~userdir flag */
-@@ -255,6 +270,7 @@
+@@ -261,6 +276,7 @@ int main(int argc, char *argv[])
char dwd[AP_MAXPATH]; /* docroot working directory */
struct passwd *pw; /* password entry holder */
struct group *gr; /* group entry holder */
struct stat dir_info; /* directory info holder */
struct stat prg_info; /* program info holder */
-@@ -375,8 +391,23 @@
+@@ -382,8 +399,23 @@ int main(int argc, char *argv[])
}
else {
if ((pw = getpwuid(atoi(target_uname))) == NULL) {
+ * If called as suexec.fcgi ignore if there is no passwd
+ * entry for specified UID. Also bail out if UID = 0.
+ */
-+ if(!strcmp(base_pathname(argv[0]),"suexec.fcgi")) {
++ if(!strcmp(base_pathname(prog),"suexec.fcgi")) {
+ tpw.pw_name = strdup(target_uname);
+ tpw.pw_uid = atoi(target_uname);
+ tpw.pw_dir = (char *)"/tmp";
}
}
-@@ -558,6 +589,7 @@
- * Error out if the target name/group is different from
- * the name/group of the cwd or the program.
- */
-+ if(strcmp(base_pathname(argv[0]),"suexec.fcgi")) {
- if ((uid != dir_info.st_uid) ||
- (gid != dir_info.st_gid) ||
- (uid != prg_info.st_uid) ||
-@@ -569,6 +601,7 @@
- (unsigned long)prg_info.st_uid, (unsigned long)prg_info.st_gid);
- exit(120);
+@@ -560,20 +592,24 @@ int main(int argc, char *argv[])
}
-+ }
+
+ /*
+- * Error out if the target name/group is different from
+- * the name/group of the cwd or the program.
+- */
+- if ((uid != dir_info.st_uid) ||
+- (gid != dir_info.st_gid) ||
+- (uid != prg_info.st_uid) ||
+- (gid != prg_info.st_gid)) {
+- log_err("target uid/gid (%ld/%ld) mismatch "
+- "with directory (%ld/%ld) or program (%ld/%ld)\n",
+- uid, gid,
+- dir_info.st_uid, dir_info.st_gid,
+- prg_info.st_uid, prg_info.st_gid);
+- exit(120);
++ * If not called as suexec.fcgi error out if the target
++ * name/group is different from the name/group of the cwd
++ * or the program.
++ */
++ if(strcmp(base_pathname(prog),"suexec.fcgi")) {
++ if ((uid != dir_info.st_uid) ||
++ (gid != dir_info.st_gid) ||
++ (uid != prg_info.st_uid) ||
++ (gid != prg_info.st_gid)) {
++ log_err("target uid/gid (%ld/%ld) mismatch "
++ "with directory (%ld/%ld) or program (%ld/%ld)\n",
++ uid, gid,
++ dir_info.st_uid, dir_info.st_gid,
++ prg_info.st_uid, prg_info.st_gid);
++ exit(120);
++ }
+ }
++
/*
* Error out if the program is not executable for the user.
* Otherwise, she won't find any error in the logs except for