[Bug 73556] Re: suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty

[Rouben]

** Summary changed:

- libapache2-mod-suphp causes double free error in Apache error log when script is inaccessible
+ suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty

** Description changed:

+ Backport request: please backport suphp 0.6.2 to dapper and edgy from
+ feisty.
+ 
  Binary package hint: libapache2-mod-suphp
  
  Whenever suphp refuses to run a script for any reason (e.g. UID/GID out
  of configured allowable range, wrong permissions, etc), it causes the
  following error messages to appear in the Apache error log:
  
  ---SNIP---
  [Mon Nov 27 17:56:12 2006] [error] [client 142.150.160.59] Premature end of script headers: index.cgi
  [Mon Nov 27 17:56:12 2006] [error] [client 142.150.160.59] SoftException in Application.cpp:193: Script "/var/www/index.cgi" resolving to "/var/www/index.cgi" not within configured docroot
  [Mon Nov 27 17:56:12 2006] [error] [client 142.150.160.59] *** glibc detected *** double free or corruption (fasttop): 0x0806f990 ***
  [Mon Nov 27 17:56:41 2006] [error] [client 142.150.160.59] Premature end of script headers: index.cgi
  [Mon Nov 27 17:56:41 2006] [error] [client 142.150.160.59] SoftException in Application.cpp:291: UID of script "/var/www/index.cgi" is smaller than min_uid
  [Mon Nov 27 17:56:41 2006] [error] [client 142.150.160.59] *** glibc detected *** double free or corruption (fasttop): 0x0806f9f8 ***
  [Mon Nov 27 17:57:18 2006] [error] [client 142.150.160.59] Premature end of script headers: index.cgi
  [Mon Nov 27 17:57:18 2006] [error] [client 142.150.160.59] SoftException in Application.cpp:472: Could not execute script "/var/www/index.cgi"
  [Mon Nov 27 17:57:18 2006] [error] [client 142.150.160.59] Caused by SystemException in API_Linux.cpp:427: execve() for program "/var/www/index.cgi" failed: Permission denied
  [Mon Nov 27 17:57:18 2006] [error] [client 142.150.160.59] *** glibc detected *** double free or corruption (fasttop): 0x0806f9f8 ***
  ---SNIP---
  
  As you can see, the above are three distinct examples:
  
  1. [Mon Nov 27 17:56:12 2006] was caused by the target script being outside of the allowable suphp docroot.
  2. [Mon Nov 27 17:56:41 2006] was caused by wrong ownership: owner UID of the target script file was less than the allowable UID.
  3. [Mon Nov 27 17:57:18 2006] was caused by wrong permissions (the www-data user/group has no read access to the script in question).
  
  In all three cases, the last error message seen was always "*** glibc
  detected *** double free or corruption (fasttop): 0x0806f9f8 ***" which
  is a bit unnerving. I am not sure if this problem is potentially
  exploitable.
  
  Note that this seems to be a known issue with suphp, and the latest
  release (0.6.2) seems to have addressed the issue according to the suphp
  homepage: http://www.suphp.org/

-- 
suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty
https://launchpad.net/bugs/73556