From f8adea949c399a055bd4192e8820dff0fa178ec4 Mon Sep 17 00:00:00 2001 From: brectanus Date: Thu, 24 Jan 2008 22:10:37 +0000 Subject: [PATCH] Implemented SecUploadFileMode. See #448. --- CHANGES | 4 +++- apache2/apache2_config.c | 32 +++++++++++++++++++++++++++ apache2/buildconf | 3 +++ apache2/configure.in | 5 +++-- apache2/mod_security2_config.h.in | 3 +++ apache2/modsecurity.h | 1 + apache2/msc_multipart.c | 17 ++++++++++++++ doc/modsecurity2-apache-reference.xml | 25 ++++++++++++++++++++- 8 files changed, 86 insertions(+), 4 deletions(-) diff --git a/CHANGES b/CHANGES index 81c2e062..b71e3c92 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,8 @@ -23 Jan 2008 - 2.5.0-rc2 +24 Jan 2008 - 2.5.0-rc2 ----------------------- + * Implemented SecUploadFileMode to allow setting the mode for uploaded files. + * Implemented "block" action. * No longer log the query portion of the URI in the error log as diff --git a/apache2/apache2_config.c b/apache2/apache2_config.c index 9243219b..d2bd4d76 100644 --- a/apache2/apache2_config.c +++ b/apache2/apache2_config.c @@ -73,6 +73,7 @@ void *create_directory_config(apr_pool_t *mp, char *path) { dcfg->upload_dir = NOT_SET_P; dcfg->upload_keep_files = NOT_SET; dcfg->upload_validates_files = NOT_SET; + dcfg->upload_filemode = NOT_SET; /* These are only used during the configuration process. */ dcfg->tmp_chain_starter = NULL; @@ -402,6 +403,8 @@ void *merge_directory_configs(apr_pool_t *mp, void *_parent, void *_child) { ? parent->upload_keep_files : child->upload_keep_files); merged->upload_validates_files = (child->upload_validates_files == NOT_SET ? parent->upload_validates_files : child->upload_validates_files); + merged->upload_filemode = (child->upload_filemode == NOT_SET + ? parent->upload_filemode : child->upload_filemode); /* Misc */ merged->data_dir = (child->data_dir == NOT_SET_P @@ -502,6 +505,7 @@ void init_directory_config(directory_config *dcfg) { if (dcfg->upload_dir == NOT_SET_P) dcfg->upload_dir = NULL; if (dcfg->upload_keep_files == NOT_SET) dcfg->upload_keep_files = KEEP_FILES_OFF; if (dcfg->upload_validates_files == NOT_SET) dcfg->upload_validates_files = 0; + if (dcfg->upload_filemode == NOT_SET) dcfg->upload_filemode = 0600; /* Misc */ if (dcfg->data_dir == NOT_SET_P) dcfg->data_dir = NULL; @@ -1461,6 +1465,26 @@ static const char *cmd_upload_dir(cmd_parms *cmd, void *_dcfg, const char *p1) { return NULL; } +static const char *cmd_upload_filemode(cmd_parms *cmd, void *_dcfg, const char *p1) { + directory_config *dcfg = (directory_config *)_dcfg; + + if (dcfg == NULL) return NULL; + + if (strcasecmp(p1, "default") == 0) { + dcfg->upload_filemode = NOT_SET; + } + else { + long int mode = strtol(p1, NULL, 8); /* expects octal mode */ + if ((mode == LONG_MAX)||(mode == LONG_MIN)||(mode <= 0)||(mode > 0777)) { + return apr_psprintf(cmd->pool, "ModSecurity: Invalid value for SecUploadFileMode: %s", p1); + } + + dcfg->upload_filemode = (int)mode; + } + + return NULL; +} + static const char *cmd_upload_keep_files(cmd_parms *cmd, void *_dcfg, const char *p1) { directory_config *dcfg = (directory_config *)_dcfg; @@ -2045,6 +2069,14 @@ const command_rec module_directives[] = { "path to the file upload area" ), + AP_INIT_TAKE1 ( + "SecUploadFileMode", + cmd_upload_filemode, + NULL, + CMD_SCOPE_ANY, + "octal permissions mode for uploaded files" + ), + AP_INIT_TAKE1 ( "SecUploadKeepFiles", cmd_upload_keep_files, diff --git a/apache2/buildconf b/apache2/buildconf index ebaca5a8..153f0bf6 100755 --- a/apache2/buildconf +++ b/apache2/buildconf @@ -23,6 +23,9 @@ # build/buildcheck.sh || exit 1 +echo "Generating config header ..." +autoheader -Wall || exit 1 + libtoolize=`build/PrintPath glibtoolize libtoolize15 libtoolize14 libtoolize` if [ "x$libtoolize" = "x" ]; then echo "libtoolize not found in path" diff --git a/apache2/configure.in b/apache2/configure.in index 078bcc25..32f79a1a 100644 --- a/apache2/configure.in +++ b/apache2/configure.in @@ -6,7 +6,8 @@ dnl AC_PREREQ(2.50) -AC_INIT(ModSecurity, 2.5, mod-security-users@lists.sourceforge.net, modsecurity-apache) +AC_INIT() +dnl AC_INIT(ModSecurity, 2.5, mod-security-users@lists.sourceforge.net, modsecurity-apache) AC_CONFIG_SRCDIR([mod_security2.c]) AC_CONFIG_HEADER([mod_security2_config.h]) AC_CONFIG_AUX_DIR([build]) @@ -36,7 +37,7 @@ AC_TYPE_UINT8_T # Checks for library functions. AC_FUNC_MALLOC AC_FUNC_MEMCMP -AC_CHECK_FUNCS([atexit getcwd memset strcasecmp strchr strdup strerror strncasecmp strrchr strstr strtol]) +AC_CHECK_FUNCS([atexit fchmod getcwd memset strcasecmp strchr strdup strerror strncasecmp strrchr strstr strtol]) # Find apxs AC_MSG_NOTICE(looking for Apache module support via DSO through APXS) diff --git a/apache2/mod_security2_config.h.in b/apache2/mod_security2_config.h.in index c13e7aac..394a1313 100644 --- a/apache2/mod_security2_config.h.in +++ b/apache2/mod_security2_config.h.in @@ -3,6 +3,9 @@ /* Define to 1 if you have the `atexit' function. */ #undef HAVE_ATEXIT +/* Define to 1 if you have the `fchmod' function. */ +#undef HAVE_FCHMOD + /* Define to 1 if you have the header file. */ #undef HAVE_FCNTL_H diff --git a/apache2/modsecurity.h b/apache2/modsecurity.h index 26eaf193..0dfcb4ae 100644 --- a/apache2/modsecurity.h +++ b/apache2/modsecurity.h @@ -444,6 +444,7 @@ struct directory_config { const char *upload_dir; int upload_keep_files; int upload_validates_files; + int upload_filemode; /* Used only in the configuration phase. */ msre_rule *tmp_chain_starter; diff --git a/apache2/msc_multipart.c b/apache2/msc_multipart.c index ba2b1a9e..800ecf48 100644 --- a/apache2/msc_multipart.c +++ b/apache2/msc_multipart.c @@ -9,7 +9,9 @@ * */ #include +#include +#include "mod_security2_config.h" #include "msc_multipart.h" #include "msc_util.h" #include "msc_parsers.h" @@ -393,6 +395,21 @@ static int multipart_process_part_data(modsec_rec *msr, char **error_msg) { msr_log(msr, 4, "Multipart: Created temporary file: %s", log_escape_nq(msr->mp, msr->mpd->mpp->tmp_file_name)); } + + #ifdef HAVE_FCHMOD + if (msr->txcfg->debuglog_level >= 9) { + msr_log(msr, 9, "Multipart: Changing file mode to %04o: %s", msr->txcfg->upload_filemode, log_escape_nq(msr->mp, msr->mpd->mpp->tmp_file_name)); + } + if (fchmod(msr->mpd->mpp->tmp_file_fd, msr->txcfg->upload_filemode) < 0) { + + char errbuf[256]; + if (msr->txcfg->debuglog_level >= 3) { + msr_log(msr, 3, "Multipart: Could not change mode on \"%s\" (%d): %s", + log_escape_nq(msr->mp, msr->mpd->mpp->tmp_file_name), + errno, apr_strerror(APR_FROM_OS_ERROR(errno), errbuf, 256)); + } + } + #endif } /* write the reserve first */ diff --git a/doc/modsecurity2-apache-reference.xml b/doc/modsecurity2-apache-reference.xml index 52c2be0d..5d05afac 100644 --- a/doc/modsecurity2-apache-reference.xml +++ b/doc/modsecurity2-apache-reference.xml @@ -3,7 +3,7 @@ ModSecurity Reference Manual - Version 2.5.0-rc2/ (January 23, 2008) + Version 2.5.0-rc2/ (January 24, 2008) 2004-2008 @@ -2002,6 +2002,29 @@ SecRuleUpdateActionById 12345 "t:compressWhitespace,deny,status:403,msg:'A new m SecUploadKeepFiles. +
+ <literal>SecUploadFileMode</literal> + + Description: Configures the mode + (permissions) of any uploaded files using an octal number. + + Syntax: SecUploadFileMode octal_mode + + Example Usage: SecUploadFileMode 0640 + + Processing Phase: N/A + + Scope: Any + + Dependencies/Notes: The mode is an octal + number (as used in chmod). The default mode is for only the account + writing the file to have read/write access (0600). Use this directive + with caution to avoid exposing potentially sensitive data to + unauthorized users. +
+
<literal>SecUploadKeepFiles</literal>