www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <ma...@znep.com>
Subject Re: config/928: httpd cannot start, apparently because it is unable to open the scoreboard file
Date Sat, 02 Aug 1997 20:20:03 GMT
The following reply was made to PR config/928; it has been noted by GNATS.

From: Marc Slemko <marcs@znep.com>
To: Jesper Holck <holck@knold.ballehs.dk>
Subject: Re: config/928: httpd cannot start, apparently because it is  unable to open the
scoreboard file
Date: Sat, 2 Aug 1997 14:11:41 -0600 (MDT)

 
 
 On Thu, 31 Jul 1997, Jesper Holck wrote:
 
 >  drwxrwxr-x  2 httpd        1024 Jul 28 22:09 logs
 >  
 >  The httpd-daemon is running as user httpd, member of group www, of which
 >  
 >  root also is a member.
 
 Don't do that.  Anyone who can get the uid httpd or gid www can compromise
 the user that starts Apache, which is normally root.
 
 In http_main.c there are two sections with code like this:
 
     scoreboard_fd = popenf(p, scoreboard_fname, O_CREAT|O_BINARY|O_RDWR, 0644);
     if (scoreboard_fd == -1)
     {
         perror (scoreboard_fname);
         fprintf (stderr, "Cannot open scoreboard file:\n");
         exit (1);
     }
 
 Try removing the O_BINARY| from it, ie. leave it something like:
 
     scoreboard_fd = popenf(p, scoreboard_fname, O_CREAT|O_RDWR, 0644);
     if (scoreboard_fd == -1)
     {
         perror (scoreboard_fname);
         fprintf (stderr, "Cannot open scoreboard file:\n");
         exit (1);
     }
 
 Recompile then try starting the server again.
 

Mime
View raw message