[Bug 253268] Re: php5-cgi not working with suphp in Hardy

dx9s dx9s at hotmail.com
Wed Sep 3 22:47:32 BST 2008


>From deb source (and I compiled it)
However I need to change the version number because an apt-get update/upgrade will upgrade to the latest version and you'll need to apt-get remove/purge the latest and install the older one.

Until I hear a better compelling reason to change the
permissions/ownership (to how they suggest) "workaround" (aka all files
on web server in question are to be owned by ROOT or the switched user
account suPHP uses)... I'm used to a different ownership model when
using suPHP.

Doesn't make sense because in order to make the parent folder owned by
root.root the user/group/world -- the world permissions must be open to
anybody on the system.. where I like to have the parent folders owned by
the same person the apache httpd is running as... so ONLY people that
are that user (or in a particular group) can even GET to the same
folder... Having it world readable means you should NOW never allow
shell access on the machine (because people can now go into the folder
and read other's PHP scripts and pull things out like passwords or look
for exploitable bugs).

I really dislike being told the new cold is more restrictive and
requires a change in permission and after looking at the changes.. it's
really less secure.

--Doug

----------------------------------------
> From: chuck.short at canonical.com
> To: dx9s at hotmail.com
> Date: Wed, 27 Aug 2008 14:24:43 +0000
> Subject: [Bug 253268] Re: php5-cgi not working with suphp in Hardy
> 
> dx9s: Where did this deb come from?
> 
> Thanks
> chuck
> 
> -- 
> php5-cgi not working with suphp in Hardy 
> https://bugs.launchpad.net/bugs/253268
> You received this bug notification because you are a direct subscriber
> of the bug.
> 
> Status in “php5” source package in Ubuntu: New
> Status in “suphp” source package in Ubuntu: New
> Status in “suphp” source package in Debian: New
> 
> Bug description:
> Suphp doesn't work in Hardy. It seems that it is simply ignored and php processes are executed under www-data.
> 
> It was working fine under Gutsy. I dist-upgraded a month ago but I discovered the problem only recently (because one of my website was unable to read a config file chmoded to 700). I'm pretty sure it's the dist-upgrade because the suphp log stopped the day I dist-upgraded (approximately at least).
> 
> I didn't change anything in the config in the meantime. Also, when investigation the problem, I copied /etc/apache2 /etc/php5 and /etc/suphp from a working Debian installation. It doesn't work under Hardy.
> 
> 
> The symptoms are the following :
> 1) if mod_php5 is enabled, processes run with www-data permissions. phpinfo() returns "Apache 2.0 Handler " as the server API. (when suphp is working, it returns "Cgi/FastCgi" AFAIK
> 
> 2) if mod_php5 is not enabled, you will receive an error 500. The logs contain the following lines :
> [Wed Jul 30 14:31:55 2008] [error] [client 212.190.219.18] SecurityException in Application.cpp:440: Handler not found in configuration
> [Wed Jul 30 14:31:55 2008] [error] [client 212.190.219.18] Caused by KeyNotFoundException in Configuration.cpp:234: Handler "application/x-httpd-php" not found
> [Wed Jul 30 14:31:55 2008] [error] [client 212.190.219.18] Premature end of script headers: index.php
> 
> 
> If both suphp and php5 are disabled, then your browser offers you to download the file (which is normal).
> 
> Also, it has to be noted that suphp is well active because if you try to access a software not in the defined root, you will get an error in the logs. So, it seems like the problem is not suphp but the cgi part of php5 which is not responding or something like that.
> 
> I'm not an expert so I'm not sure about the where to assign this issue.

_________________________________________________________________
See how Windows Mobile brings your life together—at home, work, or on the go.
http://clk.atdmt.com/MRT/go/msnnkwxp1020093182mrt/direct/01/

-- 
php5-cgi not working with suphp in Hardy 
https://bugs.launchpad.net/bugs/253268
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.



More information about the Ubuntu-server-bugs mailing list