RES: RES: problem with suexec
Max
perldork at webwizarddesign.com
Wed Mar 12 18:30:11 CET 2008
> [2008-03-11 21:22:04]: directory is writable by others: (/usr/local/nagios/sbin)
group writable directory and group writable files ...
On Wed, Mar 12, 2008 at 12:12 PM, Wilson A. Galafassi Jr.
<wilson.galafassi at gmail.com> wrote:
>
> # ls -la
> drwxrwxr-x 8 nagios nagios 4096 Mar 10 20:00 .
> drwxr-xr-x 22 root root 4096 Mar 10 20:00 ..
> drwxrwxr-x 2 nagios nagios 4096 Mar 10 20:00 bin
> drwxrwxr-x 3 nagios nagios 4096 Mar 10 20:32 etc
> drwxrwxr-x 2 nagios nagios 4096 Mar 10 20:41 libexec
> drwxrwxr-x 2 nagios nagios 4096 Mar 10 20:00 sbin
> drwxrwxr-x 9 nagios nagios 4096 Mar 10 20:41 share
> drwxrwxr-x 5 nagios nagios 4096 Mar 12 13:11 var
>
> sbin
> # ls -la
> total 3092
> drwxrwxr-x 2 nagios nagios 4096 Mar 10 20:00 .
> drwxrwxr-x 8 nagios nagios 4096 Mar 10 20:00 ..
> -rwxrwxr-x 1 nagios nagios 214472 Mar 10 20:00 avail.cgi
> -rwxrwxr-x 1 nagios nagios 210760 Mar 10 20:00 cmd.cgi
> -rwxrwxr-x 1 nagios nagios 180680 Mar 10 20:00 config.cgi
> -rwxrwxr-x 1 nagios nagios 230024 Mar 10 20:00 extinfo.cgi
> -rwxrwxr-x 1 nagios nagios 184936 Mar 10 20:00 histogram.cgi
> -rwxrwxr-x 1 nagios nagios 168456 Mar 10 20:00 history.cgi
> -rwxrwxr-x 1 nagios nagios 164328 Mar 10 20:00 notifications.cgi
> -rwxrwxr-x 1 nagios nagios 160200 Mar 10 20:00 outages.cgi
> -rwxrwxr-x 1 nagios nagios 164616 Mar 10 20:00 showlog.cgi
> -rwxrwxr-x 1 nagios nagios 221704 Mar 10 20:00 status.cgi
> -rwxrwxr-x 1 nagios nagios 180904 Mar 10 20:00 statusmap.cgi
> -rwxrwxr-x 1 nagios nagios 176648 Mar 10 20:00 statuswml.cgi
> -rwxrwxr-x 1 nagios nagios 164360 Mar 10 20:00 statuswrl.cgi
> -rwxrwxr-x 1 nagios nagios 181832 Mar 10 20:00 summary.cgi
> -rwxrwxr-x 1 nagios nagios 176680 Mar 10 20:00 tac.cgi
> -rwxrwxr-x 1 nagios nagios 189064 Mar 10 20:00 trends.cgi
>
>
> -----Mensagem original-----
> De: nagios-users-bounces at lists.sourceforge.net
> [mailto:nagios-users-bounces at lists.sourceforge.net] Em nome de Hendrik
> Bäcker
> Enviada em: quarta-feira, 12 de março de 2008 12:07
> Para: nagios-users at lists.sourceforge.net
> Assunto: Re: [Nagios-users] RES: problem with suexec
>
>
>
>
>
> Wilson A. Galafassi Jr. schrieb:
> > I have tried but the problem persist.
> >
> With the same error message? Show us your directory (ls -la).
>
> > Any other idea?
> >
>
> > Thanks,
> > Wilson
> >
> > -----Mensagem original-----
> > De: nagios-users-bounces at lists.sourceforge.net
> > [mailto:nagios-users-bounces at lists.sourceforge.net] Em nome de Hendrik
> > Bäcker
> > Enviada em: quarta-feira, 12 de março de 2008 04:27
> > Para: wilson at galafassi.com.br
> > Cc: nagios-users at lists.sourceforge.net
> > Assunto: Re: [Nagios-users] problem with suexec
> >
> > Hi Wilson,
> >
> > Wilson Galafassi schrieb:
> >> hello.
> >> i have installed nagios on my server running apache 2.2.6.
> >>
> >> when i try to access the web interface i see: Internal Server Error
> >>
> >> in error_log i see:
> >> [Tue Mar 11 21:20:15 2008] [error] [client xxx.yyy.zzz.xxxx] suexec
> >> policy violation: see suexec log for more details, referer:
> >> http://www.digitalstorage.com.br/nagios/side.html
> >> [Tue Mar 11 21:20:15 2008] [error] [client xxx.yyy.zzz.xxxx] Premature
> >> end of script headers: tac.cgi, referer:
> >> http://www.digitalstorage.com.br/nagios/side.html
> >> [Tue Mar 11 21:20:15 2008] [error] [client xxx.yyy.zzz.xxxx] File does
> >> not exist: /home/digital/public_html/500.shtml, referer:
> >> http://www.digitalstorage.com.br/nagios/side.html
> >>
> >> in suexec_log:
> >> [2008-03-11 21:22:04]: uid: (32042/digital) gid: (32044/32044) cmd:
> > tac.cgi
> >> [2008-03-11 21:22:04]: directory is writable by others:
> > (/usr/local/nagios/sbin)
> > Well, did you begin to re-set the permissions?
> > I don't know suexec in depth but in your situation I would start to try
> > to do what suexec suggests. After each step I would control if the
> > balance between application and security is givven.
> >
> > So like your suexec_log: change the directory permission of
> > "/usr/local/nagios/sbin" to make it not writable by "other" (chmod o-w
> > /usr/local/nagios/sbin)
> >
> > Regards
> > Hendrik
> >
> > -------------------------------------------------------------------------
> > This SF.net email is sponsored by: Microsoft
> > Defy all challenges. Microsoft(R) Visual Studio 2008.
> > http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> > _______________________________________________
> > Nagios-users mailing list
> > Nagios-users at lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/nagios-users
> > ::: Please include Nagios version, plugin version (-v) and OS when
> reporting
> > any issue.
> > ::: Messages without supporting info will risk being sent to /dev/null
> >
> >
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2008.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when reporting
> any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2008.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
>
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list