Re: [mod-security-users] mod-security, SecChroot & suexec

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Jinn Koriech wrote:
> I read somewhere from google that strace doesn't work because of the 
> mod-security chroot setup.

   Hmm, that sounds familiar, like something I may have said. I had
   a moment to try something quickly:

   Take modsec 1.9RC1, change this line (it's at the end):

   ap_hook_post_config(sec_init, NULL, NULL, APR_HOOK_REALLY_LAST);

   to

   ap_hook_post_config(sec_init, NULL, NULL, APR_HOOK_REALLY_FIRST);

   and try again. Apache does not segfault after this change is
   made and strace is used. Unfortunately, I didn't have enough
   time to test what are the other consequences of this action
   (but I've pencilled it down for later).

> Would it be any use to provide the end of 
> the strace output for others to review and see why it may not be 
> working?  It's only when I add the SecChrootDir that strace apache bombs 
> out when it's strace'd.

   Sure, go ahead. I won't have much time to do any tests in the
   next two weeks but I can respond to emails (and strace dumps).

-- 
Ivan Ristic
Apache Security (O'Reilly) - http://www.apachesecurity.net
Open source web application firewall - http://www.modsecurity.org