diff options
author | Ken Coar <coar@apache.org> | 2001-03-11 23:22:32 +0000 |
---|---|---|
committer | Ken Coar <coar@apache.org> | 2001-03-11 23:22:32 +0000 |
commit | ef5bf37c4d126bc1365dea25c8ddfb4c4604fafb (patch) | |
tree | e21a62433526a059399d670ac7ba1087b177104a /support/suexec.c | |
parent | ce57a82bf62000969778307a13fda43f0e32f4fc (diff) | |
download | httpd-ef5bf37c4d126bc1365dea25c8ddfb4c4604fafb.tar.gz |
Bring forward the suexec umask setting option from 1.3, and
also fix some configure.in bits that would define macros
that needed to be numbers as strings instead.
Obtained from: Apache HTTP Server 1.3
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@88493 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'support/suexec.c')
-rw-r--r-- | support/suexec.c | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/support/suexec.c b/support/suexec.c index 882608ca6f..8550ba9abe 100644 --- a/support/suexec.c +++ b/support/suexec.c @@ -301,11 +301,11 @@ int main(int argc, char *argv[]) #ifdef AP_LOG_EXEC fprintf(stderr, " -D AP_LOG_EXEC=\"%s\"\n", AP_LOG_EXEC); #endif -#ifdef SAFE_PATH - fprintf(stderr, " -D SAFE_PATH=\"%s\"\n", SAFE_PATH); +#ifdef AP_SAFE_PATH + fprintf(stderr, " -D AP_SAFE_PATH=\"%s\"\n", AP_SAFE_PATH); #endif -#ifdef SUEXEC_UMASK - fprintf(stderr, " -D SUEXEC_UMASK=%03o\n", SUEXEC_UMASK); +#ifdef AP_SUEXEC_UMASK + fprintf(stderr, " -D AP_SUEXEC_UMASK=%03o\n", AP_SUEXEC_UMASK); #endif #ifdef AP_UID_MIN fprintf(stderr, " -D AP_UID_MID=%d\n", AP_UID_MIN); @@ -580,6 +580,16 @@ int main(int argc, char *argv[]) exit(121); } +#ifdef AP_SUEXEC_UMASK + /* + * umask() uses inverse logic; bits are CLEAR for allowed access. + */ + if ((~AP_SUEXEC_UMASK) & 0022) { + log_err("notice: AP_SUEXEC_UMASK of %03o allows " + "write permission to group and/or other\n", AP_SUEXEC_UMASK); + } + umask(AP_SUEXEC_UMASK); +#endif /* AP_SUEXEC_UMASK */ clean_env(); /* |