This is a discussion on Re: Apache2 - CGI refuses to work [detailed] within the Apache Web Server forums, part of the Web Server and Related Forums category.

I did some poking around in the /var/log/message log-file and found:

Aug 19 11:52:46 bombbox kernel: grsec: From 192.168.0.5: denied exec of /webpages/project/cgi-bin/ by (httpd2:12662) UID(71) EUID(71), parent (httpd2:3603) UID(71) EUID(71) reason: untrusted

The file /webpages/project/cgi-bin/a.cgi is owned by: james:james and is 755

I am currently running two kernels:

2.4.21-0.25mdksecure (default boot)
2.4.21-0.25mdk

I am able to execute cgi scripts under the non-secure kernel.

It seems that there is some form of su-exec protection under the secure kernel - does anybody know of any details on this subject?

James

James wrote:
> I did some poking around in the /var/log/message log-file and found:
>
> Aug 19 11:52:46 bombbox kernel: grsec: From 192.168.0.5: denied exec of
> /webpages/project/cgi-bin/ by (httpd2:12662) UID(71)
> EUID(71), parent (httpd2:3603) UID(71) EUID(71) reason: untrusted
>
> The file /webpages/project/cgi-bin/a.cgi is owned by: james:james
> and
> is 755
>
> I am currently running two kernels:
>
> 2.4.21-0.25mdksecure (default boot)
> 2.4.21-0.25mdk
>
> I am able to execute cgi scripts under the non-secure kernel.
>
> It seems that there is some form of su-exec protection under the secure
> kernel - does anybody know of any details on this subject?
>
> James

Try changing the ownership to apache:apache or whatever user:group you assigned to apache. This seems to be a problem where the a.cgi isn't executed due to a permissions problem. Also, I would study everything about "trusted" files, as the log message says it's untrusted. I don't use a "secure kernel" so really don't know much about it.

Sorry I can't offer much more.

Eric

"Eric" <nospam@email.com> wrote in message
>
> Try changing the ownership to apache:apache or whatever user:group you
> assigned to apache. This seems to be a problem where the a.cgi isn't
> executed due to a permissions problem. Also, I would study everything
> about "trusted" files, as the log message says it's untrusted. I don't use
> a "secure kernel" so really don't know much about it.
> Sorry I can't offer much more.
> Eric

The ownership is fine - otherwise the error message would be different. I can execute all cgi files when I boot under the non-secure kernel ... just not under the secure one.

I'm still looking into this problem - will post if / when I find some answers.