cgiwrap-users

[cgiwrap-users] cgiwrap and php

[Jack O. <ja...@he...>]

Hello everybody,

I seem to have a problem with cgiwrap (v.3.7) and php (v.4.0.6, safe
mode) running under apache (v.1.3.12). It is illustrated here by a
copy of what I get with cgiwrapd:

---------------------------------------------------------------------
...
Environment Variables:
     QUERY_STRING: ''
      SCRIPT_NAME: '/E/cgiwrapd/dran/E/runphp.cgi'
  SCRIPT_FILENAME: '/home/dran//E/runphp.cgi'
        PATH_INFO: ''
  PATH_TRANSLATED: '/home/dran/'
      REMOTE_USER: 'dran'
      REMOTE_HOST: '<NULL>'
      REMOTE_ADDR: '203.35.8.197'

Logging Request (File)

UIDs/GIDs Changed To:
   RUID: '502'
   EUID: '502'
   RGID: '503'
   EGID: '503'

Changing current directory to '/home/dran//E'



Output of script follows:
=====================================================
X-Powered-By: PHP/4.0.6
Content-type: text/html


Testing phprun.cgi
 for <b>dran</b><hr>
<br>
<b>Warning</b>:  SAFE MODE Restriction in effect.  The script whose
uid is 99 is not allowed to access /www/dran/index.php owned by uid
502 in <b>/home/dran//E/runphp.cgi</b> on line <b>5</b><br>
...
---------------------------------------------------------------------

The question is why php sees the uid of /home/dran//E/runphp.cgi as
still 99 despite its change into 502 by cgiwrap.

Hope someone might be able to explain,
--
Jack

[cgiwrap-users] cgiwrap and php

[Isabelle M. <Isa...@ci...>]

Bonjour,

I have installed php v 4.2.3 on a solaris 2.8 machine.

Then, I configure cgiwrap with the following options:

./configure --with-php-interpreter --with-php=/usr/local/bin/php --with-local-contact-email=web...@un... --with-inst
all-dir=/data/cgi-bin --with-cgi-dir=scripts  --with-httpd-user=wwwdem  --without-check-owner --without-check-group-writ
able

While cgiwrap is running perfectly for some other scripts (shell or perl) , when I try to

access a php page located in scripts directory of user imoullet via the URL:

http://myserver/cgi-bin/cgiwrap/imoullet/test.php,

I get an internal server error . The message in the web server error logfile is:

[Mon Nov 18 17:11:57 2002] [error] [client 130.223.8.50] Premature end of script headers: cgiwrap

My test.php file has 644 privilege.

Here is the output I get from cgiwrapd:

*******************************************************

Initializing Logging
Redirecting STDERR to STDOUT

Setting SIGXCPU to default behaviour

Environment Variables:
     QUERY_STRING: ''
      SCRIPT_NAME: '/cgi-bin/cgiwrapd'
  SCRIPT_FILENAME: '/usr/local/apache2/cgi-bin/cgiwrapd'
     REDIRECT_URL: '<NULL>'
        PATH_INFO: '/imoullet/test.php'
  PATH_TRANSLATED: '/usr/local/bscw/imoullet/test.php'
      REMOTE_USER: '<NULL>'
      REMOTE_HOST: '<NULL>'
      REMOTE_ADDR: '130.223.8.50'

Trying to extract user from PATH_INFO.
Retrieved User Name:  'imoullet'

User Data Retrieved:
     UserID: 'imoullet'
        UID: '12247'
        GID: '10010'
   Home Dir: '/usr/local/home/imoullet'

Script Base Directory:  '/usr/local/home/imoullet/scripts'
        Fetching script string

Trying to extract script from PATH_INFO
Extracted PATH_INFO 'test.php'
        Building script path

        Condensing slashes.

        Script Relative Path:  'test.php'
        Script Absolute Path:  '/usr/local/home/imoullet/scripts/test.php'
        Checking for special interpreted script (php).
        Interpreter Path:  '/usr/local/bin/php'

Fixing Environment Variables.

Environment Variables:
     QUERY_STRING: ''
      SCRIPT_NAME: '/cgi-bin/cgiwrapd/imoullet/test.php'
  SCRIPT_FILENAME: '/usr/local/home/imoullet/scripts/test.php'
     REDIRECT_URL: '<NULL>'
        PATH_INFO: ''
  PATH_TRANSLATED: '/usr/local/bscw'
      REMOTE_USER: '<NULL>'
      REMOTE_HOST: '<NULL>'
      REMOTE_ADDR: '130.223.8.50'

UIDs/GIDs Changed To:
   RUID: '12247'
   EUID: '12247'
   RGID: '10010'
   EGID: '10010'

Changing current directory to '/usr/local/home/imoullet/scripts'

Output of script follows:
=====================================================

*******************************************************

My test.php file has 644 privilege. The message in the web server error logfile is:

[Mon Nov 18 17:11:57 2002] [error] [client 130.223.8.50] Premature end of script headers: cgiwrap
~

Any idea ?

Thnaks for your reply

--
Isabelle Moullet
Centre Informatique
Universite de Lausanne
email: isa...@ci...

Re: [cgiwrap-users] cgiwrap and php

[Piotr K. <ma...@ma...>]

On Wed, Aug 29, 2001 at 09:45:24AM +1000, Jack Olszewski wrote:
> <b>Warning</b>:  SAFE MODE Restriction in effect.  The script whose
> uid is 99 is not allowed to access /www/dran/index.php owned by uid
> 502 in <b>/home/dran//E/runphp.cgi</b> on line <b>5</b><br>
> ...
> ---------------------------------------------------------------------
> 
> The question is why php sees the uid of /home/dran//E/runphp.cgi as
> still 99 despite its change into 502 by cgiwrap.
> 
> Hope someone might be able to explain,

I will try to.

1. The message is not from cgiwrap, but from php - that is clear.
   Then it is probably not cgiwrap related, the OT.
2. You have in line 5 of /home/dran//E/runphp.cgi
   something like
    require('/www/dran/index.php');
   where /www/dran/index.php is owned by 502 and /home/dran//E/runphp.cgi
   is owned by 99.

3. Lets check it a while:

% cat > testres.php
<?php
require('/etc/passwd');
?>

% php -f testres.php 
PHP Warning:  SAFE MODE Restriction in effect.  The script whose
  uid is 202 is not allowed to access /etc/passwd owned by uid
  0 in testres.php on line 2

% ls -lan testres.php /etc/passwd
-rw-r--r--   1 0        0              x Aug 27 09:43 /etc/passwd
-rw-r--r--   1 202      200           33 Aug 29 09:37 testres.php

For running the php programs from the cgiwrap, you can try
the patch available at:
  http://www.klaban.torun.pl/patches/cgiwrap/
But I need to check if it compiles cleanly with the last cgiwrap
release - the most recent will be available today.

Best regards,

-- 
Piotr Klaban

Re: [cgiwrap-users] cgiwrap and php

[Jack O. <ja...@he...>]

Piotr Klaban wrote:
> 
> On Wed, Aug 29, 2001 at 09:45:24AM +1000, Jack Olszewski wrote:
> > <b>Warning</b>:  SAFE MODE Restriction in effect.  The script whose
> > uid is 99 is not allowed to access /www/dran/index.php owned by uid
> > 502 in <b>/home/dran//E/runphp.cgi</b> on line <b>5</b><br>
> > ...
> > ---------------------------------------------------------------------
> >
> > The question is why php sees the uid of /home/dran//E/runphp.cgi as
> > still 99 despite its change into 502 by cgiwrap.
> >
> > Hope someone might be able to explain,
> 
> I will try to.
> 
> 1. The message is not from cgiwrap, but from php - that is clear.
>    Then it is probably not cgiwrap related, the OT.
> 2. You have in line 5 of /home/dran//E/runphp.cgi
>    something like
>     require('/www/dran/index.php');
>    where /www/dran/index.php is owned by 502 and /home/dran//E/runphp.cgi
>    is owned by 99.
> 

Yes, exactly.

> 3. Lets check it a while:
> 
> % cat > testres.php
> <?php
> require('/etc/passwd');
> ?>
> 
> % php -f testres.php
> PHP Warning:  SAFE MODE Restriction in effect.  The script whose
>   uid is 202 is not allowed to access /etc/passwd owned by uid
>   0 in testres.php on line 2
> 

Of course, if run directly rather than by cgiwrap.

> % ls -lan testres.php /etc/passwd
> -rw-r--r--   1 0        0              x Aug 27 09:43 /etc/passwd
> -rw-r--r--   1 202      200           33 Aug 29 09:37 testres.php
> 
> For running the php programs from the cgiwrap, you can try
> the patch available at:
>   http://www.klaban.torun.pl/patches/cgiwrap/

It's been my suspicion all along that cgiwrap should know about php,
as it knows about perl (see --with-perl).

> But I need to check if it compiles cleanly with the last cgiwrap
> release - the most recent will be available today.
> 

Eagerly awaiting,
--
Jack

ps Piotr, you might be interested to know the full name of my test
user dran, Zimny Dran   :)

Re: [cgiwrap-users] cgiwrap and php

[Nathan N. <nn...@um...>]

> It's been my suspicion all along that cgiwrap should know about php,
> as it knows about perl (see --with-perl).

Um. It doesn't know anything special about perl. That's just so the log
analyze script in the unsup dir can be built and customized with the
local path to perl instead of wiring /usr/bin/perl. 

-- Nathan

------------------------------------------------------------
Nathan Neulinger                       EMail:  nn...@um...
University of Missouri - Rolla         Phone: (573) 341-4841
CIS - Systems Programming                Fax: (573) 341-4216

Re: [cgiwrap-users] cgiwrap and php

[Jack O. <ja...@he...>]

Nathan Neulinger wrote:
> 
> > It's been my suspicion all along that cgiwrap should know about php,
> > as it knows about perl (see --with-perl).
> 
> Um. It doesn't know anything special about perl. That's just so the log
> analyze script in the unsup dir can be built and customized with the
> local path to perl instead of wiring /usr/bin/perl.
> 
> -- Nathan
> 

Yes, it is the way php checks uid in safe mode rather than anything
wrong with cgiwrap. I wrote a little test script that writes and reads
the same file under cgiwrap:

-----------------------------------------------------------------------
#!/usr/local/bin/php

Testing phprun.cgi for <b>
<?
  echo "$user";
?>
</b><p>writing index.php ...
<?
  $f = fopen("/www/$user/index.php","w");
  if ($f) {
           echo "success.\n";
           fputs($f,"file written by $user\n");
           fclose($f);
  } else {
           echo "failure.\n";
  }
?>
<p>reading index.php ...
<?
  $f = fopen("/www/$user/index.php","r");
  if ($f) {
           echo "success.\n";
           $content = fgets($f);
           fclose($f);
           echo "<br>content: $content<br>";
  } else {
           echo "failure.\n";
  }
?>
---------------------------------------------------------------------

When executed in the absence of /www/dran/index.php, it succeeds in
creation of the file:

-rw-r--r--    1 dran     hermes         21 Aug 30 08:14
/www/dran/index.php

But it fails in reading the file back:

--- first run - no index.php in /www/dran ------------------------
Testing phprun.cgi for dran

writing index.php ... success. 

reading index.php ... 
Warning: SAFE MODE Restriction in effect. The script whose uid is 0 is
not allowed to access /www/dran/index.php
owned by uid 502 in /home/dran//E/runphp.cgi on line 19

Warning: fopen("/www/dran/index.php","r") - No such file or directory
in /home/dran//E/runphp.cgi on line 19
failure. 
------------------------------------------------------------------

When run for the second time:

--- second run - after index.php has been created -----------------
Testing phprun.cgi for dran

writing index.php ... 
Warning: SAFE MODE Restriction in effect. The script whose uid is 0 is
not allowed to access /www/dran/index.php
owned by uid 502 in /home/dran//E/runphp.cgi on line 8

Warning: fopen("/www/dran/index.php","w") - Inappropriate ioctl for
device in /home/dran//E/runphp.cgi on line 8
failure. 

reading index.php ... 
Warning: SAFE MODE Restriction in effect. The script whose uid is 0 is
not allowed to access /www/dran/index.php
owned by uid 502 in /home/dran//E/runphp.cgi on line 19

Warning: fopen("/www/dran/index.php","r") - Inappropriate ioctl for
device in /home/dran//E/runphp.cgi on line 19
failure. 
-------------------------------------------------------------------

In conclusion, the user dran is able to create files, but not to read
them, or rewrite them, even in the same php script under cgiwrap. 

--
Jack