Security
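Suexec: invalid command error
I am trying to set up lighttpd with suexec, but I ran into a problem when testing: when I try to launch something via suexec, it shows this in the log: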
[2017-10-08 00:23:24]: invalid command (/srv/http/main/htdocs/cgi-bin/test.py)
Output of suexec -V:
-D AP_DOC_ROOT="/srv/http"
-D AP_GID_MIN=100
-D AP_HTTPD_USER="lighttpd"
-D AP_LOG_EXEC="/var/log/lighttpd/suexec.log"
-D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
-D AP_UID_MIN=100
-D AP_USERDIR_SUFFIX="public_html"
The wrapper I use to launch programs:
#!/bin/bash
filename="$1"
# Run the script as the user and group that own the file
user="$(/usr/bin/stat -c "%U" "$filename")"
group="$(/usr/bin/stat -c "%G" "$filename")"
cd "$(dirname "$filename")"
/usr/local/bin/suexec "$user" "$group" "$filename"
Permissions are fine, and no rogue write bits are set. I tried from both userdirs (/home/$USER/public_html) and the docroot.
It seems that only relative paths are allowed; the error message comes from this block:
/*
 * Check for a leading '/' (absolute path) in the command to be executed,
 * or attempts to back up out of the current directory,
 * to protect against attacks.  If any are
 * found, error out.  Naughty naughty crackers.
 */
if ((cmd[0] == '/') || (!strncmp(cmd, "../", 3))
    || (strstr(cmd, "/../") != NULL)) {
    log_err("invalid command (%s)\n", cmd);
    exit(104);
}
(See https://anonscm.debian.org/cgit/pkg-apache/apache2.git/tree/support/suexec.c?h=upstream/2.4.27#n350)
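The following is an added example, not part of the original question or answer: a version of the wrapper that changes into the script's directory and hands suexec only the file name, with a pre-check that mirrors the three conditions in the suexec.c block quoted above. The function names suexec_cmd_ok, suexec_cmd_for and run_via_suexec are hypothetical; the stat and suexec paths are the ones from the question.

```shell
#!/bin/sh
# Added example (not from the original post).

# Return 0 if the path check quoted from suexec.c would accept "$1",
# 1 if it would log "invalid command" and exit(104).
suexec_cmd_ok() {
    case "$1" in
        /*)     return 1 ;;   # cmd[0] == '/'  (absolute path)
        ../*)   return 1 ;;   # !strncmp(cmd, "../", 3)
        */../*) return 1 ;;   # strstr(cmd, "/../") != NULL
        *)      return 0 ;;
    esac
}

# Print the command name to pass to suexec for script path "$1":
# the file name relative to the directory the wrapper will cd into.
suexec_cmd_for() {
    basename "$1"
}

# Wrapper body: same steps as the wrapper in the question, but the last
# argument to suexec is relative to the current directory.
run_via_suexec() {
    filename=$1
    user=$(/usr/bin/stat -c '%U' "$filename") || return 1
    group=$(/usr/bin/stat -c '%G' "$filename") || return 1
    cmd=$(suexec_cmd_for "$filename")
    if ! suexec_cmd_ok "$cmd"; then
        echo "suexec would reject command: $cmd" >&2
        return 1
    fi
    cd "$(dirname "$filename")" || return 1
    exec /usr/local/bin/suexec "$user" "$group" "$cmd"
}

# Only act when called with a script path, e.g. by the web server.
if [ "$#" -gt 0 ]; then
    run_via_suexec "$1"
fi
```

The pre-check covers only the path test shown in the quoted block; suexec performs further checks of its own before executing the command.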