From 27f866daac0eb55073a5cedccc73c0d28faf5570 Mon Sep 17 00:00:00 2001 From: cameronrich Date: Fri, 12 Oct 2007 06:40:24 +0000 Subject: [PATCH] removed chroot() after lwn article git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@137 9a5d90b5-6617-0410-8a86-bb477d3ed2e3 --- config/linuxconfig | 1 - config/win32config | 1 - httpd/Config.in | 11 ----------- httpd/axhttpd.c | 4 ---- httpd/proc.c | 5 ----- 5 files changed, 22 deletions(-) diff --git a/config/linuxconfig b/config/linuxconfig index d1d883e09..949ac051b 100644 --- a/config/linuxconfig +++ b/config/linuxconfig @@ -65,7 +65,6 @@ CONFIG_HTTP_LUA_PREFIX="/usr/local" # CONFIG_HTTP_BUILD_LUA is not set CONFIG_HTTP_DIRECTORIES=y CONFIG_HTTP_HAS_AUTHORIZATION=y -# CONFIG_HTTP_USE_CHROOT is not set # CONFIG_HTTP_CHANGE_UID is not set # CONFIG_HTTP_HAS_IPV6 is not set # CONFIG_HTTP_VERBOSE is not set diff --git a/config/win32config b/config/win32config index ae6abf18b..8640ea0f7 100644 --- a/config/win32config +++ b/config/win32config @@ -71,7 +71,6 @@ CONFIG_HTTP_LUA_CGI_LAUNCHER="" # CONFIG_HTTP_BUILD_LUA is not set CONFIG_HTTP_DIRECTORIES=y CONFIG_HTTP_HAS_AUTHORIZATION=y -# CONFIG_HTTP_USE_CHROOT is not set # CONFIG_HTTP_CHANGE_UID is not set # CONFIG_HTTP_HAS_IPV6 is not set CONFIG_HTTP_VERBOSE=y diff --git a/httpd/Config.in b/httpd/Config.in index cbbbc7d5e..ad66e2a16 100644 --- a/httpd/Config.in +++ b/httpd/Config.in @@ -119,17 +119,6 @@ config CONFIG_HTTP_HAS_AUTHORIZATION help Pages/directories can have passwords associated with them. -config CONFIG_HTTP_USE_CHROOT - bool "Use chroot()" - default n - depends on !CONFIG_PLATFORM_WIN32 - help - Use chroot() to switch directories with a certain degree of - protection. However access to /bin and /lib have to replaced with - duplicate binaries. - - This feature is normally disabled. - config CONFIG_HTTP_CHANGE_UID bool "Change UID" default n diff --git a/httpd/axhttpd.c b/httpd/axhttpd.c index 701d58853..1594f1cb8 100644 --- a/httpd/axhttpd.c +++ b/httpd/axhttpd.c @@ -576,11 +576,7 @@ static void ax_chdir(void) { static char *webroot = CONFIG_HTTP_WEBROOT; -#if defined(WIN32) || !defined(CONFIG_HTTP_USE_CHROOT) if (chdir(webroot)) -#else /* use chroot() instead */ - if (chroot(webroot)) -#endif { #ifdef CONFIG_HTTP_VERBOSE fprintf(stderr, "'%s' is not a directory\n", webroot); diff --git a/httpd/proc.c b/httpd/proc.c index 35388e7fc..270dd7094 100644 --- a/httpd/proc.c +++ b/httpd/proc.c @@ -916,12 +916,7 @@ static int hexit(char c) static void buildactualfile(struct connstruct *cn) { char *cp; - -#ifdef CONFIG_HTTP_USE_CHROOT - snprintf(cn->actualfile, MAXREQUESTLENGTH, "%s", cn->filereq); -#else snprintf(cn->actualfile, MAXREQUESTLENGTH, ".%s", cn->filereq); -#endif #ifndef WIN32 /* Add directory slash if not there */