Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. ModPerl>
  3. ModPerl
[Bug Report] mod_perl runs with GID 0 !
ben.rubson at gmail
Apr 11, 2016, 2:04 PM
Post #1 of 13 (5155 views)
Permalink
-------------8<---------- Start Bug Report ------------8<----------
1. Problem Description:

Hello,

Here is my Apache user and group :

# grep -iE "user|group" httpd.conf
User #1025
Group #1025

# ps axo uid,gid,comm | grep http
1025 1025 httpd
1025 1025 httpd
1025 1025 httpd

Let's run the following example script in mod_perl :

# more test.pl
open(my $fh, ">", "/tmp/test.log");
print $fh "Your UID is " . $< . "\n";
my @groups = split '\s', $(;
print $fh "You belong to these groups: ";
print $fh $_ . " " foreach(@groups);

Let's see the result :

# cat /tmp/test.log
Your UID is 1025
You belong to these groups: 1025 1025

# ls -ln /tmp/test.log
-rw------- 1 1025 0 82 11 Apr 22:25 /tmp/test.log

Question :
Why does the file is owned by group ID 0 ?
It should be 1025.
In addition, the Perl script (and its processes launched using system()) can't use files owned by group #1025.

Thank you,

Best regards,

Ben

2. Used Components and their Configuration:

*** mod_perl version 2.000009

*** using /usr/local/lib/perl5/site_perl/mach/5.20/Apache2/BuildConfig.pm

*** Makefile.PL options:
MP_APR_CONFIG => /usr/local/bin/apr-1-config
MP_APR_LIB => aprext
MP_APXS => /usr/local/sbin/apxs
MP_COMPAT_1X => 1
MP_GENERATE_XS => 1
MP_LIBNAME => mod_perl
MP_USE_DSO => 1


*** The httpd binary was not found


*** (apr|apu)-config linking info

-L/usr/local/lib -laprutil-1 -ldb-5.3 -lgdbm -lexpat -L/usr/lib -L/usr/local/lib -L/usr/local/lib/db5
-L/usr/local/lib -lapr-1 -lcrypt -lpthread



*** /usr/local/bin/perl -V
Summary of my perl5 (revision 5 version 20 subversion 3) configuration:

Platform:
osname=freebsd, osvers=10.1-release-p31, archname=amd64-freebsd-thread-multi
uname='freebsd 101amd64-quarterly-job-02 10.1-release-p31 freebsd 10.1-release-p31 amd64 '
config_args='-sde -Dprefix=/usr/local -Dlibperl=libperl.so.5.20.3 -Darchlib=/usr/local/lib/perl5/5.20/mach -Dprivlib=/usr/local/lib/perl5/5.20 -Dman3dir=/usr/local/lib/perl5/5.20/perl/man/man3 -Dman1dir=/usr/local/lib/perl5/5.20/perl/man/man1 -Dsitearch=/usr/local/lib/perl5/site_perl/mach/5.20 -Dsitelib=/usr/local/lib/perl5/site_perl -Dscriptdir=/usr/local/bin -Dsiteman3dir=/usr/local/lib/perl5/site_perl/man/man3 -Dsiteman1dir=/usr/local/lib/perl5/site_perl/man/man1 -Ui_malloc -Ui_iconv -Uinstallusrbinperl -Dusenm=n -Dcc=cc -Duseshrplib -Dinc_version_list=none -Dcf_by=perl -Dcf_email=perl@FreeBSD.org -Dcf_time=Sat Sep 12 19:09:14 UTC 2015 -Alddlflags=-L/wrkdirs/usr/ports/lang/perl5.20/work/perl-5.20.3 -L/usr/local/lib/perl5/5.20/mach/CORE -Wl,-rpath=/usr/local/lib/perl5/5.20/mach/CORE -lperl -Dshrpldflags=$(LDDLFLAGS:N-L/wrkdirs/usr/ports/lang/perl5.20/work/perl-5.20.3:N-L/usr/local/lib/perl5/5.20/mach/CORE:N-Wl,-rpath=/usr/local/lib/perl5/5.20/mach/CORE:N-lperl) -Wl,-soname,$(LIBPERL:R) -Dotherlibdirs=/usr/local/lib/perl5/site_perl/5.20:/usr/local/lib/perl5/site_perl/5.20/mach -Doptimize=-O2 -pipe -fstack-protector -fno-strict-aliasing -Ui_gdbm -Dusemultiplicity=y -Duse64bitint -Dusethreads=y -Dusemymalloc=n'
hint=recommended, useposix=true, d_sigaction=define
useithreads=define, usemultiplicity=define
use64bitint=define, use64bitall=define, uselongdouble=undef
usemymalloc=n, bincompat5005=undef
Compiler:
cc='cc', ccflags ='-DHAS_FPSETMASK -DHAS_FLOATINGPOINT_H -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include',
optimize='-O2 -pipe -fstack-protector -fno-strict-aliasing',
cppflags='-DHAS_FPSETMASK -DHAS_FLOATINGPOINT_H -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include'
ccversion='', gccversion='4.2.1 Compatible FreeBSD Clang 3.4.1 (tags/RELEASE_34/dot1-final 208032)', gccosandvers=''
intsize=4, longsize=8, ptrsize=8, doublesize=8, byteorder=12345678
d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16
ivtype='long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8
alignbytes=8, prototype=define
Linker and Libraries:
ld='cc', ldflags ='-lpthread -Wl,-E -fstack-protector -L/usr/local/lib'
libpth=/usr/lib /usr/local/lib /usr/include/clang/3.4.1 /usr/lib
libs=-lpthread -lm -lcrypt -lutil
perllibs=-lpthread -lm -lcrypt -lutil
libc=, so=so, useshrplib=true, libperl=libperl.so.5.20.3
gnulibc_version=''
Dynamic Linking:
dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags=' -Wl,-R/usr/local/lib/perl5/5.20/mach/CORE'
cccdlflags='-DPIC -fPIC', lddlflags='-shared -L/wrkdirs/usr/ports/lang/perl5.20/work/perl-5.20.3 -L/usr/local/lib/perl5/5.20/mach/CORE -Wl,-rpath=/usr/local/lib/perl5/5.20/mach/CORE -lperl -L/usr/local/lib -fstack-protector'


Characteristics of this binary (from libperl):
Compile-time options: HAS_TIMES MULTIPLICITY PERLIO_LAYERS
PERL_DONT_CREATE_GVSV
PERL_HASH_FUNC_ONE_AT_A_TIME_HARD
PERL_IMPLICIT_CONTEXT PERL_MALLOC_WRAP
PERL_NEW_COPY_ON_WRITE PERL_PRESERVE_IVUV
USE_64_BIT_ALL USE_64_BIT_INT USE_ITHREADS
USE_LARGE_FILES USE_LOCALE USE_LOCALE_COLLATE
USE_LOCALE_CTYPE USE_LOCALE_NUMERIC USE_PERLIO
USE_PERL_ATOF USE_REENTRANT_API
Built under freebsd
%ENV:
PERL_LWP_USE_HTTP_10="1"
@INC:
/usr/local/lib/perl5/site_perl/mach/5.20
/usr/local/lib/perl5/site_perl
/usr/local/lib/perl5/5.20/mach
/usr/local/lib/perl5/5.20
/usr/local/lib/perl5/site_perl/5.20
/usr/local/lib/perl5/site_perl/5.20/mach
.

*** Packages of interest status:

Apache2 : -
Apache2::Request : -
CGI : 3.65
ExtUtils::MakeMaker: 6.98
LWP : 6.15
mod_perl : -
mod_perl2 : 2.000009


3. This is the core dump trace: (if you get a core dump):

[CORE TRACE COMES HERE]

4. Additional info :

# uname -a
FreeBSD mysrv 10.3-RELEASE FreeBSD 10.3-RELEASE #0 r297264: Fri Mar 25 02:10:02 UTC 2016 root@releng1.nyi.freebsd.org:/usr/obj/usr/src/sys/GENERIC amd64

# pkg search -f ap24-mod_perl2
ap24-mod_perl2-2.0.9,3
Name : ap24-mod_perl2
Version : 2.0.9,3
Origin : www/mod_perl2
Architecture : freebsd:10:x86:64
Prefix : /usr/local
Repository : FreeBSD [pkg+http://pkg.FreeBSD.org/FreeBSD:10:amd64/quarterly]

# pkg search -f perl5
perl5-5.20.3_8
Name : perl5
Version : 5.20.3_8
Origin : lang/perl5.20
Architecture : freebsd:10:x86:64
Prefix : /usr/local
Repository : FreeBSD [pkg+http://pkg.FreeBSD.org/FreeBSD:10:amd64/quarterly]

# httpd -V
Server version: Apache/2.4.18 (FreeBSD)
Server built: Apr 5 2016 01:24:22
Server's Module Magic Number: 20120211:52
Server loaded: APR 1.5.2, APR-UTIL 1.5.4
Compiled using: APR 1.5.2, APR-UTIL 1.5.4
Architecture: 64-bit
Server MPM: prefork
threaded: no
forked: yes (variable process count)
Server compiled with....
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses disabled)
-D APR_USE_FLOCK_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=256
-D HTTPD_ROOT="/usr/local"
-D SUEXEC_BIN="/usr/local/bin/suexec"
-D DEFAULT_PIDLOG="/var/run/httpd.pid"
-D DEFAULT_SCOREBOARD="/var/run/apache_runtime_status"
-D DEFAULT_ERRORLOG="/var/log/httpd-error.log"
-D AP_TYPES_CONFIG_FILE="etc/apache24/mime.types"
-D SERVER_CONFIG_FILE="etc/apache24/httpd.conf"

This report was generated by /usr/local/bin/mp2bug on Mon Apr 11 20:49:52 2016 GMT.

-------------8<---------- End Bug Report --------------8<----------
Re: [Bug Report] mod_perl runs with GID 0 ! [ In reply to ]
ruben at mrbrklyn
Apr 11, 2016, 6:08 PM
Post #2 of 13 (5123 views)
Permalink
I'm confused. Why send this to the mailing list?


On Mon, Apr 11, 2016 at 11:04:17PM +0200, Ben RUBSON wrote:
> -------------8<---------- Start Bug Report ------------8<----------
> 1. Problem Description:
>
> Hello,
>
> Here is my Apache user and group :
>
> # grep -iE "user|group" httpd.conf
> User #1025
> Group #1025
>
> # ps axo uid,gid,comm | grep http
> 1025 1025 httpd
> 1025 1025 httpd
> 1025 1025 httpd
>
> Let's run the following example script in mod_perl :
>
> # more test.pl
> open(my $fh, ">", "/tmp/test.log");
> print $fh "Your UID is " . $< . "\n";
> my @groups = split '\s', $(;
> print $fh "You belong to these groups: ";
> print $fh $_ . " " foreach(@groups);
>
> Let's see the result :
>
> # cat /tmp/test.log
> Your UID is 1025
> You belong to these groups: 1025 1025
>
> # ls -ln /tmp/test.log
> -rw------- 1 1025 0 82 11 Apr 22:25 /tmp/test.log
>
> Question :
> Why does the file is owned by group ID 0 ?
> It should be 1025.
> In addition, the Perl script (and its processes launched using system()) can't use files owned by group #1025.
>
> Thank you,
>
> Best regards,
>
> Ben
>
> 2. Used Components and their Configuration:
>
> *** mod_perl version 2.000009
>
> *** using /usr/local/lib/perl5/site_perl/mach/5.20/Apache2/BuildConfig.pm
>
> *** Makefile.PL options:
> MP_APR_CONFIG => /usr/local/bin/apr-1-config
> MP_APR_LIB => aprext
> MP_APXS => /usr/local/sbin/apxs
> MP_COMPAT_1X => 1
> MP_GENERATE_XS => 1
> MP_LIBNAME => mod_perl
> MP_USE_DSO => 1
>
>
> *** The httpd binary was not found
>
>
> *** (apr|apu)-config linking info
>
> -L/usr/local/lib -laprutil-1 -ldb-5.3 -lgdbm -lexpat -L/usr/lib -L/usr/local/lib -L/usr/local/lib/db5
> -L/usr/local/lib -lapr-1 -lcrypt -lpthread
>
>
>
> *** /usr/local/bin/perl -V
> Summary of my perl5 (revision 5 version 20 subversion 3) configuration:
>
> Platform:
> osname=freebsd, osvers=10.1-release-p31, archname=amd64-freebsd-thread-multi
> uname='freebsd 101amd64-quarterly-job-02 10.1-release-p31 freebsd 10.1-release-p31 amd64 '
> config_args='-sde -Dprefix=/usr/local -Dlibperl=libperl.so.5.20.3 -Darchlib=/usr/local/lib/perl5/5.20/mach -Dprivlib=/usr/local/lib/perl5/5.20 -Dman3dir=/usr/local/lib/perl5/5.20/perl/man/man3 -Dman1dir=/usr/local/lib/perl5/5.20/perl/man/man1 -Dsitearch=/usr/local/lib/perl5/site_perl/mach/5.20 -Dsitelib=/usr/local/lib/perl5/site_perl -Dscriptdir=/usr/local/bin -Dsiteman3dir=/usr/local/lib/perl5/site_perl/man/man3 -Dsiteman1dir=/usr/local/lib/perl5/site_perl/man/man1 -Ui_malloc -Ui_iconv -Uinstallusrbinperl -Dusenm=n -Dcc=cc -Duseshrplib -Dinc_version_list=none -Dcf_by=perl -Dcf_email=perl@FreeBSD.org -Dcf_time=Sat Sep 12 19:09:14 UTC 2015 -Alddlflags=-L/wrkdirs/usr/ports/lang/perl5.20/work/perl-5.20.3 -L/usr/local/lib/perl5/5.20/mach/CORE -Wl,-rpath=/usr/local/lib/perl5/5.20/mach/CORE -lperl -Dshrpldflags=$(LDDLFLAGS:N-L/wrkdirs/usr/ports/lang/perl5.20/work/perl-5.20.3:N-L/usr/local/lib/perl5/5.20/mach/CORE:N-Wl,-rpath=/usr/local/lib/perl5/5.20/mach/CORE:N-lperl) -Wl,-soname,$(LIBPERL:R) -Dotherlibdirs=/usr/local/lib/perl5/site_perl/5.20:/usr/local/lib/perl5/site_perl/5.20/mach -Doptimize=-O2 -pipe -fstack-protector -fno-strict-aliasing -Ui_gdbm -Dusemultiplicity=y -Duse64bitint -Dusethreads=y -Dusemymalloc=n'
> hint=recommended, useposix=true, d_sigaction=define
> useithreads=define, usemultiplicity=define
> use64bitint=define, use64bitall=define, uselongdouble=undef
> usemymalloc=n, bincompat5005=undef
> Compiler:
> cc='cc', ccflags ='-DHAS_FPSETMASK -DHAS_FLOATINGPOINT_H -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include',
> optimize='-O2 -pipe -fstack-protector -fno-strict-aliasing',
> cppflags='-DHAS_FPSETMASK -DHAS_FLOATINGPOINT_H -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include'
> ccversion='', gccversion='4.2.1 Compatible FreeBSD Clang 3.4.1 (tags/RELEASE_34/dot1-final 208032)', gccosandvers=''
> intsize=4, longsize=8, ptrsize=8, doublesize=8, byteorder=12345678
> d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16
> ivtype='long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8
> alignbytes=8, prototype=define
> Linker and Libraries:
> ld='cc', ldflags ='-lpthread -Wl,-E -fstack-protector -L/usr/local/lib'
> libpth=/usr/lib /usr/local/lib /usr/include/clang/3.4.1 /usr/lib
> libs=-lpthread -lm -lcrypt -lutil
> perllibs=-lpthread -lm -lcrypt -lutil
> libc=, so=so, useshrplib=true, libperl=libperl.so.5.20.3
> gnulibc_version=''
> Dynamic Linking:
> dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags=' -Wl,-R/usr/local/lib/perl5/5.20/mach/CORE'
> cccdlflags='-DPIC -fPIC', lddlflags='-shared -L/wrkdirs/usr/ports/lang/perl5.20/work/perl-5.20.3 -L/usr/local/lib/perl5/5.20/mach/CORE -Wl,-rpath=/usr/local/lib/perl5/5.20/mach/CORE -lperl -L/usr/local/lib -fstack-protector'
>
>
> Characteristics of this binary (from libperl):
> Compile-time options: HAS_TIMES MULTIPLICITY PERLIO_LAYERS
> PERL_DONT_CREATE_GVSV
> PERL_HASH_FUNC_ONE_AT_A_TIME_HARD
> PERL_IMPLICIT_CONTEXT PERL_MALLOC_WRAP
> PERL_NEW_COPY_ON_WRITE PERL_PRESERVE_IVUV
> USE_64_BIT_ALL USE_64_BIT_INT USE_ITHREADS
> USE_LARGE_FILES USE_LOCALE USE_LOCALE_COLLATE
> USE_LOCALE_CTYPE USE_LOCALE_NUMERIC USE_PERLIO
> USE_PERL_ATOF USE_REENTRANT_API
> Built under freebsd
> %ENV:
> PERL_LWP_USE_HTTP_10="1"
> @INC:
> /usr/local/lib/perl5/site_perl/mach/5.20
> /usr/local/lib/perl5/site_perl
> /usr/local/lib/perl5/5.20/mach
> /usr/local/lib/perl5/5.20
> /usr/local/lib/perl5/site_perl/5.20
> /usr/local/lib/perl5/site_perl/5.20/mach
> .
>
> *** Packages of interest status:
>
> Apache2 : -
> Apache2::Request : -
> CGI : 3.65
> ExtUtils::MakeMaker: 6.98
> LWP : 6.15
> mod_perl : -
> mod_perl2 : 2.000009
>
>
> 3. This is the core dump trace: (if you get a core dump):
>
> [CORE TRACE COMES HERE]
>
> 4. Additional info :
>
> # uname -a
> FreeBSD mysrv 10.3-RELEASE FreeBSD 10.3-RELEASE #0 r297264: Fri Mar 25 02:10:02 UTC 2016 root@releng1.nyi.freebsd.org:/usr/obj/usr/src/sys/GENERIC amd64
>
> # pkg search -f ap24-mod_perl2
> ap24-mod_perl2-2.0.9,3
> Name : ap24-mod_perl2
> Version : 2.0.9,3
> Origin : www/mod_perl2
> Architecture : freebsd:10:x86:64
> Prefix : /usr/local
> Repository : FreeBSD [pkg+http://pkg.FreeBSD.org/FreeBSD:10:amd64/quarterly]
>
> # pkg search -f perl5
> perl5-5.20.3_8
> Name : perl5
> Version : 5.20.3_8
> Origin : lang/perl5.20
> Architecture : freebsd:10:x86:64
> Prefix : /usr/local
> Repository : FreeBSD [pkg+http://pkg.FreeBSD.org/FreeBSD:10:amd64/quarterly]
>
> # httpd -V
> Server version: Apache/2.4.18 (FreeBSD)
> Server built: Apr 5 2016 01:24:22
> Server's Module Magic Number: 20120211:52
> Server loaded: APR 1.5.2, APR-UTIL 1.5.4
> Compiled using: APR 1.5.2, APR-UTIL 1.5.4
> Architecture: 64-bit
> Server MPM: prefork
> threaded: no
> forked: yes (variable process count)
> Server compiled with....
> -D APR_HAS_SENDFILE
> -D APR_HAS_MMAP
> -D APR_HAVE_IPV6 (IPv4-mapped addresses disabled)
> -D APR_USE_FLOCK_SERIALIZE
> -D APR_USE_PTHREAD_SERIALIZE
> -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
> -D APR_HAS_OTHER_CHILD
> -D AP_HAVE_RELIABLE_PIPED_LOGS
> -D DYNAMIC_MODULE_LIMIT=256
> -D HTTPD_ROOT="/usr/local"
> -D SUEXEC_BIN="/usr/local/bin/suexec"
> -D DEFAULT_PIDLOG="/var/run/httpd.pid"
> -D DEFAULT_SCOREBOARD="/var/run/apache_runtime_status"
> -D DEFAULT_ERRORLOG="/var/log/httpd-error.log"
> -D AP_TYPES_CONFIG_FILE="etc/apache24/mime.types"
> -D SERVER_CONFIG_FILE="etc/apache24/httpd.conf"
>
> This report was generated by /usr/local/bin/mp2bug on Mon Apr 11 20:49:52 2016 GMT.
>
> -------------8<---------- End Bug Report --------------8<----------

--
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013
Re: [Bug Report] mod_perl runs with GID 0 ! [ In reply to ]
ben.rubson at gmail
Apr 11, 2016, 11:11 PM
Post #3 of 13 (5120 views)
Permalink
Because this is the documented procedure :
http://perl.apache.org/docs/2.0/user/help/help.html#Reporting_Problems


> I'm confused. Why send this to the mailing list?
>
>
> On Mon, Apr 11, 2016 at 11:04:17PM +0200, Ben RUBSON wrote:
>> -------------8<---------- Start Bug Report ------------8<----------
>> 1. Problem Description:
>>
>> Hello,
>>
>> Here is my Apache user and group :
>>
>> # grep -iE "user|group" httpd.conf
>> User #1025
>> Group #1025
>>
>> # ps axo uid,gid,comm | grep http
>> 1025 1025 httpd
>> 1025 1025 httpd
>> 1025 1025 httpd
>>
>> Let's run the following example script in mod_perl :
>>
>> # more test.pl
>> open(my $fh, ">", "/tmp/test.log");
>> print $fh "Your UID is " . $< . "\n";
>> my @groups = split '\s', $(;
>> print $fh "You belong to these groups: ";
>> print $fh $_ . " " foreach(@groups);
>>
>> Let's see the result :
>>
>> # cat /tmp/test.log
>> Your UID is 1025
>> You belong to these groups: 1025 1025
>>
>> # ls -ln /tmp/test.log
>> -rw------- 1 1025 0 82 11 Apr 22:25 /tmp/test.log
>>
>> Question :
>> Why does the file is owned by group ID 0 ?
>> It should be 1025.
>> In addition, the Perl script (and its processes launched using system()) can't use files owned by group #1025.
>>
>> Thank you,
>>
>> Best regards,
>>
>> Ben
>>
>> 2. Used Components and their Configuration:
>>
>> *** mod_perl version 2.000009
>>
>> *** using /usr/local/lib/perl5/site_perl/mach/5.20/Apache2/BuildConfig.pm
>>
>> *** Makefile.PL options:
>> MP_APR_CONFIG => /usr/local/bin/apr-1-config
>> MP_APR_LIB => aprext
>> MP_APXS => /usr/local/sbin/apxs
>> MP_COMPAT_1X => 1
>> MP_GENERATE_XS => 1
>> MP_LIBNAME => mod_perl
>> MP_USE_DSO => 1
>>
>>
>> *** The httpd binary was not found
>>
>>
>> *** (apr|apu)-config linking info
>>
>> -L/usr/local/lib -laprutil-1 -ldb-5.3 -lgdbm -lexpat -L/usr/lib -L/usr/local/lib -L/usr/local/lib/db5
>> -L/usr/local/lib -lapr-1 -lcrypt -lpthread
>>
>>
>>
>> *** /usr/local/bin/perl -V
>> Summary of my perl5 (revision 5 version 20 subversion 3) configuration:
>>
>> Platform:
>> osname=freebsd, osvers=10.1-release-p31, archname=amd64-freebsd-thread-multi
>> uname='freebsd 101amd64-quarterly-job-02 10.1-release-p31 freebsd 10.1-release-p31 amd64 '
>> config_args='-sde -Dprefix=/usr/local -Dlibperl=libperl.so.5.20.3 -Darchlib=/usr/local/lib/perl5/5.20/mach -Dprivlib=/usr/local/lib/perl5/5.20 -Dman3dir=/usr/local/lib/perl5/5.20/perl/man/man3 -Dman1dir=/usr/local/lib/perl5/5.20/perl/man/man1 -Dsitearch=/usr/local/lib/perl5/site_perl/mach/5.20 -Dsitelib=/usr/local/lib/perl5/site_perl -Dscriptdir=/usr/local/bin -Dsiteman3dir=/usr/local/lib/perl5/site_perl/man/man3 -Dsiteman1dir=/usr/local/lib/perl5/site_perl/man/man1 -Ui_malloc -Ui_iconv -Uinstallusrbinperl -Dusenm=n -Dcc=cc -Duseshrplib -Dinc_version_list=none -Dcf_by=perl -Dcf_email=perl@FreeBSD.org -Dcf_time=Sat Sep 12 19:09:14 UTC 2015 -Alddlflags=-L/wrkdirs/usr/ports/lang/perl5.20/work/perl-5.20.3 -L/usr/local/lib/perl5/5.20/mach/CORE -Wl,-rpath=/usr/local/lib/perl5/5.20/mach/CORE -lperl -Dshrpldflags=$(LDDLFLAGS:N-L/wrkdirs/usr/ports/lang/perl5.20/work/perl-5.20.3:N-L/usr/local/lib/perl5/5.20/mach/CORE:N-Wl,-rpath=/usr/local/lib/perl5/5.20/mach/CORE:N-lperl) -Wl,-soname,$(LIBPERL:R) -Dotherlibdirs=/usr/local/lib/perl5/site_perl/5.20:/usr/local/lib/perl5/site_perl/5.20/mach -Doptimize=-O2 -pipe -fstack-protector -fno-strict-aliasing -Ui_gdbm -Dusemultiplicity=y -Duse64bitint -Dusethreads=y -Dusemymalloc=n'
>> hint=recommended, useposix=true, d_sigaction=define
>> useithreads=define, usemultiplicity=define
>> use64bitint=define, use64bitall=define, uselongdouble=undef
>> usemymalloc=n, bincompat5005=undef
>> Compiler:
>> cc='cc', ccflags ='-DHAS_FPSETMASK -DHAS_FLOATINGPOINT_H -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include',
>> optimize='-O2 -pipe -fstack-protector -fno-strict-aliasing',
>> cppflags='-DHAS_FPSETMASK -DHAS_FLOATINGPOINT_H -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include'
>> ccversion='', gccversion='4.2.1 Compatible FreeBSD Clang 3.4.1 (tags/RELEASE_34/dot1-final 208032)', gccosandvers=''
>> intsize=4, longsize=8, ptrsize=8, doublesize=8, byteorder=12345678
>> d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16
>> ivtype='long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8
>> alignbytes=8, prototype=define
>> Linker and Libraries:
>> ld='cc', ldflags ='-lpthread -Wl,-E -fstack-protector -L/usr/local/lib'
>> libpth=/usr/lib /usr/local/lib /usr/include/clang/3.4.1 /usr/lib
>> libs=-lpthread -lm -lcrypt -lutil
>> perllibs=-lpthread -lm -lcrypt -lutil
>> libc=, so=so, useshrplib=true, libperl=libperl.so.5.20.3
>> gnulibc_version=''
>> Dynamic Linking:
>> dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags=' -Wl,-R/usr/local/lib/perl5/5.20/mach/CORE'
>> cccdlflags='-DPIC -fPIC', lddlflags='-shared -L/wrkdirs/usr/ports/lang/perl5.20/work/perl-5.20.3 -L/usr/local/lib/perl5/5.20/mach/CORE -Wl,-rpath=/usr/local/lib/perl5/5.20/mach/CORE -lperl -L/usr/local/lib -fstack-protector'
>>
>>
>> Characteristics of this binary (from libperl):
>> Compile-time options: HAS_TIMES MULTIPLICITY PERLIO_LAYERS
>> PERL_DONT_CREATE_GVSV
>> PERL_HASH_FUNC_ONE_AT_A_TIME_HARD
>> PERL_IMPLICIT_CONTEXT PERL_MALLOC_WRAP
>> PERL_NEW_COPY_ON_WRITE PERL_PRESERVE_IVUV
>> USE_64_BIT_ALL USE_64_BIT_INT USE_ITHREADS
>> USE_LARGE_FILES USE_LOCALE USE_LOCALE_COLLATE
>> USE_LOCALE_CTYPE USE_LOCALE_NUMERIC USE_PERLIO
>> USE_PERL_ATOF USE_REENTRANT_API
>> Built under freebsd
>> %ENV:
>> PERL_LWP_USE_HTTP_10="1"
>> @INC:
>> /usr/local/lib/perl5/site_perl/mach/5.20
>> /usr/local/lib/perl5/site_perl
>> /usr/local/lib/perl5/5.20/mach
>> /usr/local/lib/perl5/5.20
>> /usr/local/lib/perl5/site_perl/5.20
>> /usr/local/lib/perl5/site_perl/5.20/mach
>> .
>>
>> *** Packages of interest status:
>>
>> Apache2 : -
>> Apache2::Request : -
>> CGI : 3.65
>> ExtUtils::MakeMaker: 6.98
>> LWP : 6.15
>> mod_perl : -
>> mod_perl2 : 2.000009
>>
>>
>> 3. This is the core dump trace: (if you get a core dump):
>>
>> [CORE TRACE COMES HERE]
>>
>> 4. Additional info :
>>
>> # uname -a
>> FreeBSD mysrv 10.3-RELEASE FreeBSD 10.3-RELEASE #0 r297264: Fri Mar 25 02:10:02 UTC 2016 root@releng1.nyi.freebsd.org:/usr/obj/usr/src/sys/GENERIC amd64
>>
>> # pkg search -f ap24-mod_perl2
>> ap24-mod_perl2-2.0.9,3
>> Name : ap24-mod_perl2
>> Version : 2.0.9,3
>> Origin : www/mod_perl2
>> Architecture : freebsd:10:x86:64
>> Prefix : /usr/local
>> Repository : FreeBSD [pkg+http://pkg.FreeBSD.org/FreeBSD:10:amd64/quarterly]
>>
>> # pkg search -f perl5
>> perl5-5.20.3_8
>> Name : perl5
>> Version : 5.20.3_8
>> Origin : lang/perl5.20
>> Architecture : freebsd:10:x86:64
>> Prefix : /usr/local
>> Repository : FreeBSD [pkg+http://pkg.FreeBSD.org/FreeBSD:10:amd64/quarterly]
>>
>> # httpd -V
>> Server version: Apache/2.4.18 (FreeBSD)
>> Server built: Apr 5 2016 01:24:22
>> Server's Module Magic Number: 20120211:52
>> Server loaded: APR 1.5.2, APR-UTIL 1.5.4
>> Compiled using: APR 1.5.2, APR-UTIL 1.5.4
>> Architecture: 64-bit
>> Server MPM: prefork
>> threaded: no
>> forked: yes (variable process count)
>> Server compiled with....
>> -D APR_HAS_SENDFILE
>> -D APR_HAS_MMAP
>> -D APR_HAVE_IPV6 (IPv4-mapped addresses disabled)
>> -D APR_USE_FLOCK_SERIALIZE
>> -D APR_USE_PTHREAD_SERIALIZE
>> -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
>> -D APR_HAS_OTHER_CHILD
>> -D AP_HAVE_RELIABLE_PIPED_LOGS
>> -D DYNAMIC_MODULE_LIMIT=256
>> -D HTTPD_ROOT="/usr/local"
>> -D SUEXEC_BIN="/usr/local/bin/suexec"
>> -D DEFAULT_PIDLOG="/var/run/httpd.pid"
>> -D DEFAULT_SCOREBOARD="/var/run/apache_runtime_status"
>> -D DEFAULT_ERRORLOG="/var/log/httpd-error.log"
>> -D AP_TYPES_CONFIG_FILE="etc/apache24/mime.types"
>> -D SERVER_CONFIG_FILE="etc/apache24/httpd.conf"
>>
>> This report was generated by /usr/local/bin/mp2bug on Mon Apr 11 20:49:52 2016 GMT.
>>
>> -------------8<---------- End Bug Report --------------8<----------
>
> --
> So many immigrant groups have swept through our town
> that Brooklyn, like Atlantis, reaches mythological
> proportions in the mind of the world - RI Safir 1998
> http://www.mrbrklyn.com
>
> DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
> http://www.nylxs.com - Leadership Development in Free Software
> http://www2.mrbrklyn.com/resources - Unpublished Archive
> http://www.coinhangout.com - coins!
> http://www.brooklyn-living.com
>
> Being so tracked is for FARM ANIMALS and and extermination camps,
> but incompatible with living as a free human being. -RI Safir 2013
>
Re: [Bug Report] mod_perl runs with GID 0 ! [ In reply to ]
ruben at mrbrklyn
Apr 12, 2016, 5:45 AM
Post #4 of 13 (5110 views)
Permalink
On 04/12/2016 02:11 AM, Ben RUBSON wrote:
> Because this is the documented procedure :
> http://perl.apache.org/docs/2.0/user/help/help.html#Reporting_Problems
>

Interesting. I don't ever recall seeing a bug report on this list. I
always assumed there to be a developed list.

>
>> I'm confused. Why send this to the mailing list?
>>
>>
>> On Mon, Apr 11, 2016 at 11:04:17PM +0200, Ben RUBSON wrote:
>>> -------------8<---------- Start Bug Report ------------8<----------
>>> 1. Problem Description:
>>>
>>> Hello,
>>>
>>> Here is my Apache user and group :
>>>
>>> # grep -iE "user|group" httpd.conf
>>> User #1025
>>> Group #1025
>>>
>>> # ps axo uid,gid,comm | grep http
>>> 1025 1025 httpd
>>> 1025 1025 httpd
>>> 1025 1025 httpd
>>>
>>> Let's run the following example script in mod_perl :
>>>
>>> # more test.pl
>>> open(my $fh, ">", "/tmp/test.log");
>>> print $fh "Your UID is " . $< . "\n";
>>> my @groups = split '\s', $(;
>>> print $fh "You belong to these groups: ";
>>> print $fh $_ . " " foreach(@groups);
>>>
>>> Let's see the result :
>>>
>>> # cat /tmp/test.log
>>> Your UID is 1025
>>> You belong to these groups: 1025 1025
>>>
>>> # ls -ln /tmp/test.log
>>> -rw------- 1 1025 0 82 11 Apr 22:25 /tmp/test.log
>>>
>>> Question :
>>> Why does the file is owned by group ID 0 ?
>>> It should be 1025.
>>> In addition, the Perl script (and its processes launched using system()) can't use files owned by group #1025.
>>>
>>> Thank you,
>>>
>>> Best regards,
>>>
>>> Ben
>>>
>>> 2. Used Components and their Configuration:
>>>
>>> *** mod_perl version 2.000009
>>>
>>> *** using /usr/local/lib/perl5/site_perl/mach/5.20/Apache2/BuildConfig.pm
>>>
>>> *** Makefile.PL options:
>>> MP_APR_CONFIG => /usr/local/bin/apr-1-config
>>> MP_APR_LIB => aprext
>>> MP_APXS => /usr/local/sbin/apxs
>>> MP_COMPAT_1X => 1
>>> MP_GENERATE_XS => 1
>>> MP_LIBNAME => mod_perl
>>> MP_USE_DSO => 1
>>>
>>>
>>> *** The httpd binary was not found
>>>
>>>
>>> *** (apr|apu)-config linking info
>>>
>>> -L/usr/local/lib -laprutil-1 -ldb-5.3 -lgdbm -lexpat -L/usr/lib -L/usr/local/lib -L/usr/local/lib/db5
>>> -L/usr/local/lib -lapr-1 -lcrypt -lpthread
>>>
>>>
>>>
>>> *** /usr/local/bin/perl -V
>>> Summary of my perl5 (revision 5 version 20 subversion 3) configuration:
>>>
>>> Platform:
>>> osname=freebsd, osvers=10.1-release-p31, archname=amd64-freebsd-thread-multi
>>> uname='freebsd 101amd64-quarterly-job-02 10.1-release-p31 freebsd 10.1-release-p31 amd64 '
>>> config_args='-sde -Dprefix=/usr/local -Dlibperl=libperl.so.5.20.3 -Darchlib=/usr/local/lib/perl5/5.20/mach -Dprivlib=/usr/local/lib/perl5/5.20 -Dman3dir=/usr/local/lib/perl5/5.20/perl/man/man3 -Dman1dir=/usr/local/lib/perl5/5.20/perl/man/man1 -Dsitearch=/usr/local/lib/perl5/site_perl/mach/5.20 -Dsitelib=/usr/local/lib/perl5/site_perl -Dscriptdir=/usr/local/bin -Dsiteman3dir=/usr/local/lib/perl5/site_perl/man/man3 -Dsiteman1dir=/usr/local/lib/perl5/site_perl/man/man1 -Ui_malloc -Ui_iconv -Uinstallusrbinperl -Dusenm=n -Dcc=cc -Duseshrplib -Dinc_version_list=none -Dcf_by=perl -Dcf_email=perl@FreeBSD.org -Dcf_time=Sat Sep 12 19:09:14 UTC 2015 -Alddlflags=-L/wrkdirs/usr/ports/lang/perl5.20/work/perl-5.20.3 -L/usr/local/lib/perl5/5.20/mach/CORE -Wl,-rpath=/usr/local/lib/perl5/5.20/mach/CORE -lperl -Dshrpldflags=$(LDDLFLAGS:N-L/wrkdirs/usr/ports/lang/perl5.20/work/perl-5.20.3:N-L/usr/local/lib/perl5/5.20/mach/CORE:N-Wl,-rpath=/usr/local/lib/perl5/5.20/mach/CORE:N-lperl) -Wl,-soname,$
(
LIBPERL:R) -Dotherlibdirs=/usr/local/lib/perl5/site_perl/5.20:/usr/local/lib/perl5/site_perl/5.20/mach -Doptimize=-O2 -pipe -fstack-protector -fno-strict-aliasing -Ui_gdbm -Dusemultiplicity=y -Duse64bitint -Dusethreads=y -Dusemymalloc=n'
>>> hint=recommended, useposix=true, d_sigaction=define
>>> useithreads=define, usemultiplicity=define
>>> use64bitint=define, use64bitall=define, uselongdouble=undef
>>> usemymalloc=n, bincompat5005=undef
>>> Compiler:
>>> cc='cc', ccflags ='-DHAS_FPSETMASK -DHAS_FLOATINGPOINT_H -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include',
>>> optimize='-O2 -pipe -fstack-protector -fno-strict-aliasing',
>>> cppflags='-DHAS_FPSETMASK -DHAS_FLOATINGPOINT_H -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include'
>>> ccversion='', gccversion='4.2.1 Compatible FreeBSD Clang 3.4.1 (tags/RELEASE_34/dot1-final 208032)', gccosandvers=''
>>> intsize=4, longsize=8, ptrsize=8, doublesize=8, byteorder=12345678
>>> d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16
>>> ivtype='long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8
>>> alignbytes=8, prototype=define
>>> Linker and Libraries:
>>> ld='cc', ldflags ='-lpthread -Wl,-E -fstack-protector -L/usr/local/lib'
>>> libpth=/usr/lib /usr/local/lib /usr/include/clang/3.4.1 /usr/lib
>>> libs=-lpthread -lm -lcrypt -lutil
>>> perllibs=-lpthread -lm -lcrypt -lutil
>>> libc=, so=so, useshrplib=true, libperl=libperl.so.5.20.3
>>> gnulibc_version=''
>>> Dynamic Linking:
>>> dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags=' -Wl,-R/usr/local/lib/perl5/5.20/mach/CORE'
>>> cccdlflags='-DPIC -fPIC', lddlflags='-shared -L/wrkdirs/usr/ports/lang/perl5.20/work/perl-5.20.3 -L/usr/local/lib/perl5/5.20/mach/CORE -Wl,-rpath=/usr/local/lib/perl5/5.20/mach/CORE -lperl -L/usr/local/lib -fstack-protector'
>>>
>>>
>>> Characteristics of this binary (from libperl):
>>> Compile-time options: HAS_TIMES MULTIPLICITY PERLIO_LAYERS
>>> PERL_DONT_CREATE_GVSV
>>> PERL_HASH_FUNC_ONE_AT_A_TIME_HARD
>>> PERL_IMPLICIT_CONTEXT PERL_MALLOC_WRAP
>>> PERL_NEW_COPY_ON_WRITE PERL_PRESERVE_IVUV
>>> USE_64_BIT_ALL USE_64_BIT_INT USE_ITHREADS
>>> USE_LARGE_FILES USE_LOCALE USE_LOCALE_COLLATE
>>> USE_LOCALE_CTYPE USE_LOCALE_NUMERIC USE_PERLIO
>>> USE_PERL_ATOF USE_REENTRANT_API
>>> Built under freebsd
>>> %ENV:
>>> PERL_LWP_USE_HTTP_10="1"
>>> @INC:
>>> /usr/local/lib/perl5/site_perl/mach/5.20
>>> /usr/local/lib/perl5/site_perl
>>> /usr/local/lib/perl5/5.20/mach
>>> /usr/local/lib/perl5/5.20
>>> /usr/local/lib/perl5/site_perl/5.20
>>> /usr/local/lib/perl5/site_perl/5.20/mach
>>> .
>>>
>>> *** Packages of interest status:
>>>
>>> Apache2 : -
>>> Apache2::Request : -
>>> CGI : 3.65
>>> ExtUtils::MakeMaker: 6.98
>>> LWP : 6.15
>>> mod_perl : -
>>> mod_perl2 : 2.000009
>>>
>>>
>>> 3. This is the core dump trace: (if you get a core dump):
>>>
>>> [CORE TRACE COMES HERE]
>>>
>>> 4. Additional info :
>>>
>>> # uname -a
>>> FreeBSD mysrv 10.3-RELEASE FreeBSD 10.3-RELEASE #0 r297264: Fri Mar 25 02:10:02 UTC 2016 root@releng1.nyi.freebsd.org:/usr/obj/usr/src/sys/GENERIC amd64
>>>
>>> # pkg search -f ap24-mod_perl2
>>> ap24-mod_perl2-2.0.9,3
>>> Name : ap24-mod_perl2
>>> Version : 2.0.9,3
>>> Origin : www/mod_perl2
>>> Architecture : freebsd:10:x86:64
>>> Prefix : /usr/local
>>> Repository : FreeBSD [pkg+http://pkg.FreeBSD.org/FreeBSD:10:amd64/quarterly]
>>>
>>> # pkg search -f perl5
>>> perl5-5.20.3_8
>>> Name : perl5
>>> Version : 5.20.3_8
>>> Origin : lang/perl5.20
>>> Architecture : freebsd:10:x86:64
>>> Prefix : /usr/local
>>> Repository : FreeBSD [pkg+http://pkg.FreeBSD.org/FreeBSD:10:amd64/quarterly]
>>>
>>> # httpd -V
>>> Server version: Apache/2.4.18 (FreeBSD)
>>> Server built: Apr 5 2016 01:24:22
>>> Server's Module Magic Number: 20120211:52
>>> Server loaded: APR 1.5.2, APR-UTIL 1.5.4
>>> Compiled using: APR 1.5.2, APR-UTIL 1.5.4
>>> Architecture: 64-bit
>>> Server MPM: prefork
>>> threaded: no
>>> forked: yes (variable process count)
>>> Server compiled with....
>>> -D APR_HAS_SENDFILE
>>> -D APR_HAS_MMAP
>>> -D APR_HAVE_IPV6 (IPv4-mapped addresses disabled)
>>> -D APR_USE_FLOCK_SERIALIZE
>>> -D APR_USE_PTHREAD_SERIALIZE
>>> -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
>>> -D APR_HAS_OTHER_CHILD
>>> -D AP_HAVE_RELIABLE_PIPED_LOGS
>>> -D DYNAMIC_MODULE_LIMIT=256
>>> -D HTTPD_ROOT="/usr/local"
>>> -D SUEXEC_BIN="/usr/local/bin/suexec"
>>> -D DEFAULT_PIDLOG="/var/run/httpd.pid"
>>> -D DEFAULT_SCOREBOARD="/var/run/apache_runtime_status"
>>> -D DEFAULT_ERRORLOG="/var/log/httpd-error.log"
>>> -D AP_TYPES_CONFIG_FILE="etc/apache24/mime.types"
>>> -D SERVER_CONFIG_FILE="etc/apache24/httpd.conf"
>>>
>>> This report was generated by /usr/local/bin/mp2bug on Mon Apr 11 20:49:52 2016 GMT.
>>>
>>> -------------8<---------- End Bug Report --------------8<----------
>>
>> --
>> So many immigrant groups have swept through our town
>> that Brooklyn, like Atlantis, reaches mythological
>> proportions in the mind of the world - RI Safir 1998
>> http://www.mrbrklyn.com
>>
>> DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
>> http://www.nylxs.com - Leadership Development in Free Software
>> http://www2.mrbrklyn.com/resources - Unpublished Archive
>> http://www.coinhangout.com - coins!
>> http://www.brooklyn-living.com
>>
>> Being so tracked is for FARM ANIMALS and and extermination camps,
>> but incompatible with living as a free human being. -RI Safir 2013
>>
>


--
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013
Re: [Bug Report] mod_perl runs with GID 0 ! [ In reply to ]
ben.rubson at gmail
Apr 12, 2016, 5:52 AM
Post #5 of 13 (5105 views)
Permalink
>> Because this is the documented procedure :
>> http://perl.apache.org/docs/2.0/user/help/help.html#Reporting_Problems
>>
>
> Interesting. I don't ever recall seeing a bug report on this list. I
> always assumed there to be a developed list.

I had a look at the Apache BugZilla, but there is no mod_perl section :
https://bz.apache.org/bugzilla/enter_bug.cgi

I hope there are still some devs on this list :)

Ben
Re: [Bug Report] mod_perl runs with GID 0 ! [ In reply to ]
jdg117 at elvis
Apr 12, 2016, 5:53 AM
Post #6 of 13 (5103 views)
Permalink
In message <88583F53-89D2-40AA-B850-CC819C5E60EC@gmail.com>, Ben RUBSON writes:
>Let's run the following example script in mod_perl :
>
># more test.pl
>open(my $fh, ">", "/tmp/test.log");
>print $fh "Your UID is " . $< . "\n";
>my @groups = split '\s', $(;
>print $fh "You belong to these groups: ";
>print $fh $_ . " " foreach(@groups);

How did you run the script?
I don't see the relevant section or directive from your
httpd.conf.

John
groenveld@acm.org
Re: [Bug Report] mod_perl runs with GID 0 ! [ In reply to ]
ben.rubson at gmail
Apr 12, 2016, 5:57 AM
Post #7 of 13 (5104 views)
Permalink
>> Let's run the following example script in mod_perl :
>>
>> # more test.pl
>> open(my $fh, ">", "/tmp/test.log");
>> print $fh "Your UID is " . $< . "\n";
>> my @groups = split '\s', $(;
>> print $fh "You belong to these groups: ";
>> print $fh $_ . " " foreach(@groups);
>
> How did you run the script?
> I don't see the relevant section or directive from your
> httpd.conf.

Is it what you need ?

<Directory /mydocumentroot/perl>
Options ExecCGI
AllowOverride None
<IfModule mod_authz_core.c>
Require all granted
</IfModule>
<IfModule !mod_authz_core.c>
Order Allow,Deny
Allow from all
</IfModule>
SetHandler perl-script
PerlHandler ModPerl::Registry
</Directory>

Ben
Re: [Bug Report] mod_perl runs with GID 0 ! [ In reply to ]
ben.rubson at gmail
Apr 12, 2016, 6:03 AM
Post #8 of 13 (5104 views)
Permalink
>> Let's run the following example script in mod_perl :
>>
>> # more test.pl
>> open(my $fh, ">", "/tmp/test.log");
>> print $fh "Your UID is " . $< . "\n";
>> my @groups = split '\s', $(;
>> print $fh "You belong to these groups: ";
>> print $fh $_ . " " foreach(@groups);
>
> How did you run the script?
> I don't see the relevant section or directive from your
> httpd.conf.

Not that I ran exactly the same test, with same Apache configuration, on the following :
Debian 7, Apache 2.2.22-13+deb7u6, mod_perl 2.0.7-3, perl 5.14.2-21+deb7u3
And did not experienced this bug.

Ben
Re: [Bug Report] mod_perl runs with GID 0 ! [ In reply to ]
ben.rubson at gmail
Apr 12, 2016, 6:25 AM
Post #9 of 13 (5093 views)
Permalink
>> Let's run the following example script in mod_perl :
>>
>> # more test.pl
>> open(my $fh, ">", "/tmp/test.log");
>> print $fh "Your UID is " . $< . "\n";
>> my @groups = split '\s', $(;
>> print $fh "You belong to these groups: ";
>> print $fh $_ . " " foreach(@groups);
>
> How did you run the script?
> I don't see the relevant section or directive from your
> httpd.conf.

And what is a little bit frightening here is that Apache is launched by the #1025 user itself.
So how could it be possible for it to generate a file owned by group #0...
Very strange !
Re: [Bug Report] mod_perl runs with GID 0 ! [ In reply to ]
jdg117 at elvis
Apr 12, 2016, 7:30 AM
Post #10 of 13 (5092 views)
Permalink
In message <A383E171-F44F-4744-A69A-65B527F075DC@gmail.com>, Ben RUBSON writes:
>And what is a little bit frightening here is that Apache is launched by the #1025 user itself.
>So how could it be possible for it to generate a file owned by group #0...
>Very strange !

Something is misconfigured, but its not related to modperl.
Disable modperl by commenting out the LoadModule and Perl* directives
and you'll see the httpd processes are running with incorrect privs.

How do you "launch" Apache?
Are you using your own httpd or a FreeBSD port or pkg?

John
groenveld@acm.org
Re: [Bug Report] mod_perl runs with GID 0 ! [ In reply to ]
ben.rubson at gmail
Apr 12, 2016, 7:54 AM
Post #11 of 13 (5093 views)
Permalink
>> And what is a little bit frightening here is that Apache is launched by the #1025 user itself.
>> So how could it be possible for it to generate a file owned by group #0...
>> Very strange !
>
> Something is misconfigured, but its not related to modperl.

You're totally right, and I would like to apologize for this, for lost time...

And many thanks to John H. too who gave me the clue, the SGID bit...
On BSD, group permissions are a little bit different than on Linux :
http://unix.stackexchange.com/questions/115631/getting-new-files-to-inherit-group-permissions-on-linux
The files created inside a directory will be owned by the group of the directory, not by the primary group of the user which creates the file...
This confused me...

I'm really sorry for the useless noise :|

Ben
Re: [Bug Report] mod_perl runs with GID 0 ! [ In reply to ]
ruben at mrbrklyn
Apr 12, 2016, 7:59 AM
Post #12 of 13 (5096 views)
Permalink
On 04/12/2016 10:54 AM, Ben RUBSON wrote:
> The files created inside a directory will be owned by the group of the directory, not by the primary group of the user which creates the file...
> This confused me...
>
> I'm really sorry for the useless noise :|


its not noise. I learned something, two somethings actually.


--
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013
Re: [Bug Report] mod_perl runs with GID 0 ! [ In reply to ]
john at lariat
Apr 12, 2016, 8:01 AM
Post #13 of 13 (5093 views)
Permalink
The only stupid question is the one you don't ask.

On Tue, Apr 12, 2016 at 10:59 AM, Ruben Safir <ruben@mrbrklyn.com> wrote:

> On 04/12/2016 10:54 AM, Ben RUBSON wrote:
> > The files created inside a directory will be owned by the group of the
> directory, not by the primary group of the user which creates the file...
> > This confused me...
> >
> > I'm really sorry for the useless noise :|
>
>
> its not noise. I learned something, two somethings actually.
>
>
> --
> So many immigrant groups have swept through our town
> that Brooklyn, like Atlantis, reaches mythological
> proportions in the mind of the world - RI Safir 1998
> http://www.mrbrklyn.com
>
> DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
> http://www.nylxs.com - Leadership Development in Free Software
> http://www2.mrbrklyn.com/resources - Unpublished Archive
> http://www.coinhangout.com - coins!
> http://www.brooklyn-living.com
>
> Being so tracked is for FARM ANIMALS and and extermination camps,
> but incompatible with living as a free human being. -RI Safir 2013
>



--
John Dunlap
*CTO | Lariat *

*Direct:*
*john@lariat.co <john@lariat.co>*

*Customer Service:*
877.268.6667
support@lariat.co

Attached Files:

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal