Package: apache2.2-common
Version: 2.2.15-5
Severity: minor

I use symlinks extensively, to expose fragments of my working directories (development source trees) in my userdir (all of which is subject to LDAP-based authentication). I had unwittingly set up some symlinks that went via directories which were drwx--s--- (in group cvs, to which www-data doesn't belong) and thus inaccessible to the web-server (running as user www-data), but the symlinks pointed to sub-sub-directories which were drwxr-xr-x. The web-server succeeded in displaying the contents *usually*, but one of my colleagues noticed that, on reload, he got 403'd.

The fact that this (mostly) worked at all suggests that apache is sometimes accessing content as root, instead of as the unprivileged user www-data. The problem *might* be that Linux (the underlying O/S) is being flaky about enforcing permissions.

-- Package-specific info:
List of enabled modules from 'apache2 -M':
  actions alias auth_basic authn_file authnz_ldap authz_default
  authz_host authz_user autoindex cgi dir env ldap mime negotiation
  perl reqtimeout setenvif ssl status userdir

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-trunk-686 (SMP w/2 CPU cores)
Locale: LANG=en_GB.ISO-8859-15, LC_CTYPE=en_GB.ISO-8859-15 (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash

Versions of packages apache2 depends on:
ii  apache2-mpm-prefork  2.2.15-5  Apache HTTP Server - traditional n
ii  apache2.2-common     2.2.15-5  Apache HTTP Server common files

apache2 recommends no packages.

apache2 suggests no packages.

Versions of packages apache2.2-common depends on:
ii  apache2-utils  2.2.15-5    utility programs for webservers
ii  apache2.2-bin  2.2.15-5    Apache HTTP Server common binary f
ii  libmagic1      5.04-2      File type determination library us
ii  lsb-base       3.2-23.1    Linux Standard Base 3.2 init scrip
ii  mime-support   3.48-1      MIME files 'mime.types' & 'mailcap
ii  perl           5.10.1-13   Larry Wall's Practical Extraction
ii  procps         1:3.2.8-9   /proc file system utilities

-- no debconf information
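
An added example, not part of the original report: a Python check that follows a path through its symlinks and lists every directory on the way whose mode bits deny search permission to a given uid and group set, which is the layout the report describes. The function names, the sample tree and the uid/gid values are constructed for illustration; ACLs and capabilities are not considered.

```python
import os
import stat
import tempfile

def can_search(st, uid, gids):
    """Owner/group/other test for the directory search (x) bit; root always passes."""
    if uid == 0:
        return True
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IXUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IXGRP)
    return bool(st.st_mode & stat.S_IXOTH)

def blocked_dirs(path, uid, gids):
    """Directories that must be searched to reach `path` (symlinks followed) but deny it."""
    todo = [c for c in os.path.join(os.getcwd(), path).split(os.sep) if c and c != "."]
    cur, blocked, hops = os.sep, [], 0      # cur is always a real, resolved directory
    while todo:
        if not can_search(os.stat(cur), uid, gids) and cur not in blocked:
            blocked.append(cur)
        part = todo.pop(0)
        nxt = os.path.join(cur, part)
        if part == "..":
            cur = os.path.dirname(cur)
        elif os.path.islink(nxt):
            hops += 1
            if hops > 40:                   # same order of limit the kernel applies
                raise OSError("too many levels of symbolic links: " + path)
            target = os.readlink(nxt)
            if os.path.isabs(target):
                cur = os.sep                # absolute target: walk again from the root
            todo = [c for c in target.split(os.sep) if c and c != "."] + todo
        else:
            cur = nxt
    return blocked

def build_sample_tree():
    """Constructed layout: public/link -> private/a/b, with private at drwx--s---."""
    base = os.path.realpath(tempfile.mkdtemp())
    private, public = os.path.join(base, "private"), os.path.join(base, "public")
    leaf = os.path.join(private, "a", "b")
    os.makedirs(leaf)
    os.makedirs(public)
    for d in (base, public, os.path.dirname(leaf), leaf):
        os.chmod(d, 0o755)
    os.chmod(private, 0o2710)
    os.symlink(leaf, os.path.join(public, "link"))
    return base, os.path.join(public, "link", "index.html"), private
```

A non-empty result for the web-server account means the kernel should refuse the request path for that account, so content served through it points at access under a different identity or at a cached result.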