Re: [mod-security-users] 1.5.1 SecFilterDefaultAction exec
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] 1.5.1 SecFilterDefaultAction exec
|
From: Ivan R. <iv...@we...> - 2003-07-17 23:26:45
|
Colin Kong wrote:
> Hello Ivan,
>
> Forgot to look at the suexec_log...
>
> [2003-07-17 14:41:20]: error: invalid
> command(/usr/local/apache/bin/report-modsecurity-attack.pl)
>
> ...
>
> Is this information useful?
Yes, I think I've found the problem by looking into
the suexec source code. It seems that it doesn't allow
a leading / in the command name (ie it doesn't allow
commands with absolute paths):
if ((cmd[0] == '/') || (!strncmp(cmd, "../", 3))
|| (strstr(cmd, "/../") != NULL)) {
log_err("error: invalid command (%s)\n", cmd);
exit(104);
}
I am not really sure (yet) what is the reasoning behind this,
but I'll try to work around it somehow. Why don't you
try adding one space before the /? Maybe that will
work :)
--
ModSecurity (http://www.modsecurity.org)
[ Open source IDS for Web applications ]
|