Re: [Mod-security-developers] Compatibility with mod_ruid2
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [Mod-security-developers] Compatibility with mod_ruid2
|
From: Breno S. <bre...@gm...> - 2013-07-20 18:45:59
|
Hello Ben, Take a look how your umask is set. Maybe you need to change it to have the permission you want. Thanks Breno On Sat, Jul 20, 2013 at 11:04 AM, Ben Empson <be...@ar...> wrote: > Hi there, is there any chance of getting a response on this? This is a > critical issue for all users of mod_ruid2 and ModSecurity…**** > > ** ** > > Regards, Ben **** > > ** ** > > > ============================================================================== > **** > > ** ** > > = Array[x] =**** > > = professional technical outsourcing =**** > > = www.arrayx.co.uk = = be...@ar... =**** > > = t UK: +44 (0)20 8144 9102 = **** > > = t ES: +34 938 021 278 = **** > > = m ES: +34 667 065 397 =**** > > = Paseig Sant Joan 25 3-1, 08010, Barcelona, Spain =**** > > ** ** > > Array[x] and Profitable Web Projects are trademarks of Profitable Web > Projects SL of Passeig Sant Joan 25 3-1, 08010 Barcelona, Spain, which is > inscribed in the Mercantile Register of Barcelona; Tomo 40322, Folio 59, > Hoja B363676, Company registration number B64798101. This message may > contain information that is legally privileged, confidential or exempt from > disclosure. If you are not an intended recipient or an employee or agent > responsible for delivering this message to an intended recipient, please > notify us immediately and permanently destroy this message and any copies > you may have. Any dissemination or copying of this message by anyone other > than the intended recipient is strictly prohibited. Prices exclude taxes > and are valid for one month unless otherwise stated.**** > > ** ** > > *From:* Ben Empson > *Sent:* 10 July 2013 18:09 > *To:* 'mod...@li...' > *Subject:* Compatibility with mod_ruid2**** > > ** ** > > Hi there, I'm running mod_ruid 0.9.7 on Apache 2.2 with ModSecurity 2.7.3 > and the GotRoot/Atomicorp delayed ruleset, all on cPanel 11.38. I am unable > to get ModSecurity to successfully log it's activities since mod_ruid is > causing audit directories and logs to be created with the username of the > running process, and more importantly with permissions for that user only, > overriding a specific setting in the ModSecurity conf to create audit > folders and logs to be created world-writable.**** > > ** ** > > I have documented my setup here: > https://www.atomicorp.com/forum/viewtopic.php?f=15&t=6932&sid=23c91691756075ec7fc5cfe86a6630d1 > **** > > ** ** > > I also posted this to the mod_ruid2 forums: > https://github.com/mind04/mod-ruid2/issues/1**** > > ** ** > > One of the mod_ruid2 developers has suggested that ModSecurity should be > using the special ap_hook_log_transaction() hook which would mean in my > configuration that ModSecurity would try to write it’s audit logs as > nobody, which would not cause permissions issues.**** > > ** ** > > I did follow the suggestion of the developer in terms of “Maybe you can > work around the problem if you make the log directory group writable for > apache and add apache to R_Groups for every user.” but this did not fix the > problem since new log folders are still created without group write > permissions.**** > > ** ** > > It seems as though the only possible fix is that ModSecurity uses the > ap_hook_log_transaction() hook. It is certain that I’m not the only person > suffering this problem: > http://www.google.co.uk/search?q=ModSecurity%3A+Audit+log%3A+Failed+to+create+subdirectories&{google:acceptedSuggestion}oq=ModSecurity%3A+Audit+log%3A+Failed+to+create+subdirectories&sourceid=chrome&ie=UTF-8<http://www.google.co.uk/search?q=ModSecurity%3A+Audit+log%3A+Failed+to+create+subdirectories&%7bgoogle:acceptedSuggestion%7doq=ModSecurity%3A+Audit+log%3A+Failed+to+create+subdirectories&sourceid=chrome&ie=UTF-8> > **** > > ** ** > > Is there any chance of this getting fixed / changed?**** > > ** ** > > Regards, Ben**** > > > ------------------------------------------------------------------------------ > See everything from the browser to the database with AppDynamics > Get end-to-end visibility with application monitoring from AppDynamics > Isolate bottlenecks and diagnose root cause in seconds. > Start your free trial of AppDynamics Pro today! > http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk > _______________________________________________ > mod-security-developers mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-developers > ModSecurity Services from Trustwave's SpiderLabs: > https://www.trustwave.com/spiderLabs.php > |
