Re: [mod-security-users] Unable to have mod_security 'exec' as default action.
Brought to you by:
victorhora,
zimmerletw
From: Ivan R. <iv...@we...> - 2005-11-10 20:44:15
|
Jason Z wrote: > > It turns out that ModSecurity requires all exec commands to print > something back out ('1' for example) in order to actually accept the > execution. I didn't think that a logging script would need to provide > any feedback to ModSecurity. After watching the debug output (as you > suggested) I changed the extension from . to .pl and had it just print a > 1 at the end and ModSecurity became happy. Ah, there's a reason for that. There are cases (or at least there were when I looked at it) where it is not possible to differentiate between a script failing to execute and a script executing but not writing anything to stdout. I'll make a note of it in the documentation. Thanks for bringing the problem to my attention. -- Ivan Ristic Apache Security (O'Reilly) - http://www.apachesecurity.net Open source web application firewall - http://www.modsecurity.org |