apr-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 61240] New: apr_file_transfer_contents change breaks htpasswd(1)
Date Thu, 29 Jun 2017 18:02:39 GMT
https://bz.apache.org/bugzilla/show_bug.cgi?id=61240

            Bug ID: 61240
           Summary: apr_file_transfer_contents change breaks htpasswd(1)
           Product: APR
           Version: 1.6.2
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: major
          Priority: P2
         Component: APR
          Assignee: bugs@apr.apache.org
          Reporter: hlein-apbz@korelogic.com
  Target Milestone: ---

Created attachment 35090
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=35090&action=edit
Revert the change in behavior of apr_file_transfer_contents which breaks
htpasswd files.

A recent apr commit changed apr_file_transfer_contents to always set the
destination file to match the permissions of the source file, even if the
destination file already exists with different permissions.  This breaks
htpasswd(1) in common configurations.

The one-line change was committed here:
https://svn.apache.org/viewvc?view=revision&revision=1791029

...after being briefly discussed on the apr-dev mailing list, starting here:
https://marc.info/?l=apr-dev&m=149088210914254&w=2

This change had an unintended consequence that causes htpasswd(1) to break
htpasswd files' permissions.

The htpasswd file needs to be readable by Apache's non-root user, so it is
common for it to be root:apache mode 640 or so.  When using htpasswd(1) to
update it, a tempfile is created mode 600, and then apr_file_copy (which calls
apr_file_transfer_contents) is used to copy tempfile contents to the real
htpasswd file.  Since the above change landed in apr 1.62, the permissions of
the real htpasswd file are clobbered, explicitly chmod'ed to 600 to match that
of the tempfile.  All access to content protected by htpasswd will now fail,
because Apache cannot read the file.

Probably this means htpasswd(1) is using apr_file_copy incorrectly, but its use
has not changed for over a decade.  It could easily be that other tools depend
on the longstanding behavior.  Recommend this change be reverted until/unless
all users of apr_file_transfer_contents can be checked for the ramifications.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@apr.apache.org
For additional commands, e-mail: bugs-help@apr.apache.org


Mime
View raw message