|
|
| Applications |
| Mailing Lists |
| Miscellaneous |
| Operating Systems |
| Programming |
Bug#458085: apache2.2-common: wrong permissions on /var/lock/apache2
Date: Fri Dec 28 2007 - 09:23:39 EST
Package: apache2.2-common
Version: 2.2.3-4+etch3
Severity: important
Hi,
/etc/init.d/apache2 contains an unconditional
install -d -o www-data /var/lock/apache2
If apache is configured to run under a different user than www-data (and thus /var/lock/apache2 owned by this user), then this
- overrides permissions set by the administrator, which is IMHO a policy violation
- makes /var/lock/apache2 unwritable by apache
The init script must parse /etc/apache2/apache.conf and use the "User" setting from there.
Gabor
- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable'), (101, 'unstable') Architecture: amd64 (x86_64) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-2-amd64 Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Versions of packages apache2.2-common depends on:
ii apache2-utils 2.2.3-4+etch3 utility programs for webservers ii libmagic1 4.17-5etch3 File type determination library us ii lsb-base 3.1-23.2etch1 Linux Standard Base 3.1 init scrip ii mime-support 3.39-1 MIME files 'mime.types' & 'mailcap ii net-tools 1.60-17 The NET-3 networking toolkit ii procps 1:3.2.7-3 /proc file system utilities
apache2.2-common recommends no packages.
- no debconf information
--
To UNSUBSCRIBE, email to debian-apache-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Received on Fri Dec 28 10:24:10 2007
This archive was generated by hypermail 2.1.8 : Wed Mar 19 2008 - 02:59:27 EDT
|
Contact Us Legal Notices Order Services Online Pantek Home Privacy Policy IT news Site Map Pantek Library |