From owner-freebsd-bugs Sat Mar 27 10:50:19 1999 Delivered-To: freebsd-bugs@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id E75DE14CD2 for ; Sat, 27 Mar 1999 10:50:18 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.2/8.9.2) id KAA06260; Sat, 27 Mar 1999 10:50:01 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: from ee.follo.net (ee.follo.net [195.204.143.223]) by hub.freebsd.org (Postfix) with ESMTP id 34FDF15089 for ; Sat, 27 Mar 1999 10:24:04 -0800 (PST) (envelope-from des@ee.follo.net) Received: (from des@localhost) by ee.follo.net (8.9.2/8.8.8) id TAA14403; Sat, 27 Mar 1999 19:24:07 +0100 (CET) (envelope-from des) Message-Id: <199903271824.TAA14403@ee.follo.net> Date: Sat, 27 Mar 1999 19:24:07 +0100 (CET) From: Dag-Erling Smorgrav Reply-To: des@ee.follo.net To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.2 Subject: bin/10820: getpwent() failures in httpd Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 10820 >Category: bin >Synopsis: getpwent() failures in httpd >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sat Mar 27 10:50:00 PST 1999 >Closed-Date: >Last-Modified: >Originator: Dag-Erling Smorgrav >Release: FreeBSD 3.1-STABLE i386 >Organization: Yes Interactive >Environment: FreeBSD 3.1-STABLE and 4.0-CURRENT systems configured as NIS clients of a FreeBSD NIS server which has master.passwd.{byname,byuid} maps. >Description: The NIS code in src/lib/libc/gen/getpwent.c attempts to determine whether or not it has access to the master.passwd maps. This test will succeed if it can connect to the NIS server from a privileged port, i.e. if the effective UID is 0. However, it is possible for the process to lose that access without getpwent.c noticing, for instance by dropping privileges and closing the NIS socket (which is what happens in e.g. an HTTP daemon which forks). The NIS code will try to reconnect to master.passwd, but since it is connecting from a non-privileged port, the request will be deniedand the getpwent() call will fail. >How-To-Repeat: Run Apache httpd on the NIS client. Using an HTTP client, request http://www.nisclient.net/~joe/ where joe is listed in the NIS password but *not* in the NIS client's own password database, and has a public_html directory (or whatever you've set UserDir to). getpwent() will fail, resulting in a 404 Not Found. Running the NIS server in debug mode reveals that the client attempted to access the master.passwd.byname map from an unprivileged port. Other daemons which close file descriptors when they fork will also be affected by this. >Fix: The NIS code needs to detect a change in privileges, and reinitialize if the connection was lost after privileges were dropped. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message