| View previous topic :: View next topic |
| Author |
Message |
Restless
n00b
Joined: 24 Jun 2003
Posts: 11
Location: Houston, Texas
|
 Posted: Fri Jul 18, 2003 12:33 am Post subject: /etc/init.d, phpinfo() and garbage in Apache's environment |
 |
|
I am setting up a web server and have no real problems other than one thing. When apache is started from /etc/init.d/apache and I view my environment variables using phpinfo() in a PHP script, I see a ton of environment variables that are the names of functions in some script somewhere.
For instance, I have things like
| Code: | | "start-single-daemon" |
having the value
| Code: | "() { local retval=0; local pidfile=; local pidretval=0; local daemon=; local SSD="start-stop-daemon"; if [ "$(eval echo \${DAEMONS/$1/})" != "${DAEMONS}" ]; then daemon="$1"; shift; if [ "$(eval echo \${*/${daemon}/})" = "$*" ]; then return 1; fi; else return 1; fi; if [ -z "${DAEMONS}" -o "$#" -lt 1 -o -z "${daemon}" ]; then return 1; else ${SSD} $*; retval=$?; if [ "${retval}" -ne 0 ]; then return ${retval}; fi; checkpid ${daemon}; pidretval=$?; if [ "${pidretval}" -ne 0 -a "${pidretval}" -ne 1 ]; then return 1; fi; fi; return ${retval} }"
|
It appears to me that these lines are the functions called in /etc/init.d/apache, but I'm not really sure.
In addition, there are other environment variables I would consider "garbage" that I'd like to get rid of, like "USER", "QMAKESPEC", "SSH_TTY", etc, that all I can assume are being inheirited by the environment that runs /etc/init.d/apache.
There are dozens of these in the environment, which makes it very unreadable and unwieldy, but it seems to have no effect on execution.
Curiously, if I stop apache with apachectl, then start it with apachectl, these values are not there. If I use "apachectl restart" after it's been started with /etc/init.d/apache, however, these things are still in my environment.
I am running Apache 1.3.27-r4 and mod_php 4.3.2-r3, which I just emerged trying to see if it would take care of any of this. Any ideas how to clear this up?
Thanks,
Mike |
|
| Back to top |
|
 |
thumper
Guru
Joined: 06 Dec 2002
Posts: 554
Location: Venice FL
|
| Posted: Fri Jul 18, 2003 11:32 pm Post subject: security risk? |
|
|
With all that garbage, more can be garned about the system it is running on and I think it would be a security risk.
I've been looking for a way to prevent it, but no success short of manually stopping and starting by /usr/sbin/apachectl start
I'm still looking into getting it to stop inheriting the environment.
George |
|
| Back to top |
|
|
thumper
Guru
Joined: 06 Dec 2002
Posts: 554
Location: Venice FL
|
| Posted: Sat Jul 19, 2003 12:34 am Post subject: There goes the environment |
|
|
| Code: |
ebegin "Starting apache"
env -i /sbin/start-stop-daemon -o --quiet --start --startas \
/usr/sbin/apache \
--pidfile /var/run/apache.pid -- ${APACHE_OPTS}
|
Well.... This modification to the /etc/init.d/apache script gets rid of the environment completly! The interesting thing will be to see if anything breaks with php/apache.
Try it and then look at phpinfo() output. 
George |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
