Re: [mod-security-users] Chroot and worker MPM?
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Chroot and worker MPM?
|
From: Ivan R. <iv...@we...> - 2005-07-11 12:15:13
|
Jeff Tharp wrote: > I'm getting a weird error when configuring chroot using SecChrootDir and > using the worker MPM. Hoping someone else has ran across this before > and has some ideas. > > Versions are as follows: Red Hat Enterprise Linux v4, Apache 2.0.54, > ModSecurity 1.8.7 > > ... > > libgcc_s.so.1 must be installed for pthread_cancel to work > [Thu Jul 07 17:07:11 2005] [notice] child pid 3428 exit signal Aborted > (6) I can confirm the same happens with stock 2.0.54 on Fedora Core 1, although my Apache does not segfault. It appears that the required library libgcc_s.so.1 is not loaded before chroot takes place (and it certainly cannot be loaded afterwards). Moving the library into jail worked for me. I placed it into ~/apache2/lib. What also worked is an attempt to load the library before chroot takes place, from mod_security itself (by creating a thread that does nothing.) I've made a TODO note for myself to see if this hack is portable at all, or whether it can be #ifdef-ed. Getting it to work would be really nice, because the internal chroot measure would work really well for a multithreaded Apache working as a reverse proxy only. -- Ivan Ristic Apache Security (O'Reilly) - http://www.apachesecurity.net Open source web application firewall - http://www.modsecurity.org |
