Re: Re: mod_security v1.8.4 Chroot problem

Dan Bethe wrote:
> I've got mod_security 1.8.4 with just the chroot function, httpd 1.3.31, and
> frontpage 2002.  It works fine without chroot.  I haven't tested with suexec
> yet.  With chroot enabled, I'm having troubles with the suidkey.
> 
> With mod_frontpage being loaded *before* mod_security, and with /bin/ps and
> /usr/bin/sum and /proc inside the chroot, frontpage properly creates its
> suidkey.$PID inside the chroot.  fpcounter.exe appears to function, but with the
> counter reset to 1, never incrementing.  There are no errors in error_log either
> of the main server or of the vhost in question.  It's as is mod_frontpage
> believes that it's working, and yet it's apparently not with fpcounter.exe.  The
> administrative web GUI works.  fpcounter.exe and the administrative web GUI are
> the only items I've tested it with.
> 
> Please see my strace output at http://smuckola.org/etc/httpd_strace.text
> 
> Do you have any clues or suggestions?

Could this be the problem?

[pid 25606] open("/home/dtm/public_html//_private/menu.html.cnt", 
O_RDWR) = -1 EACCES (Permission denied)

It is clear the FrontPage module does not check whether the descriptor
is valid or not:

[pid 25606] lseek(-1, 0, SEEK_SET)      = -1 EBADF (Bad file descriptor)
[pid 25606] write(-1, "FPCountFile ", 12) = -1 EBADF (Bad file descriptor)
[pid 25606] write(-1, "00000000001", 11) = -1 EBADF (Bad file descriptor)
[pid 25606] close(-1)                   = -1 EBADF (Bad file descriptor)