Bug#74228: marked as done (suEXEC minUID/minGID setting)

Your message dated Thu, 26 Jun 2003 11:02:36 -0400
with message-id <E19VYGi-0004zA-00@xxxxxxxxxxxxxxxx>
and subject line Bug#74228: fixed in apache 1.3.27.0-2
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 6 Oct 2000 22:29:51 +0000
>From mlists@xxxxxxxxxxxxxxxxxxxxxxxxx Fri Oct 06 17:29:51 2000
Return-path: <mlists@xxxxxxxxxxxxxxxxxxxxxxxxx>
Received: from e3.ny.us.ibm.com [::ffff:32.97.182.103] 
        by master.debian.org with esmtp (Exim 3.12 1 (Debian))
        id 13hfzz-0000cJ-00; Fri, 06 Oct 2000 17:29:51 -0500
Received: from northrelay02.pok.ibm.com (northrelay02.pok.ibm.com 
[9.117.200.22])
        by e3.ny.us.ibm.com (8.9.3/8.9.3) with ESMTP id SAA201258
        for <submit@xxxxxxxxxxxxxxx>; Fri, 6 Oct 2000 18:29:27 -0400
Received: from WORLD ([9.242.61.53])
        by northrelay02.pok.ibm.com (8.8.8m3/NCO v4.93) with SMTP id SAA95348
        for <submit@xxxxxxxxxxxxxxx>; Fri, 6 Oct 2000 18:29:40 -0400
Message-Id: <200010062229.SAA95348@xxxxxxxxxxxxxxxxxxxxxxxx>
From: "Hajo Noerenberg" <mlists@xxxxxxxxxxxxxxxxxxxxxxxxx>
To: "submit@xxxxxxxxxxxxxxx" <submit@xxxxxxxxxxxxxxx>
Date: Fri, 06 Oct 2000 18:31:14 -0400
Reply-To: "Hajo Noerenberg" <mlists@xxxxxxxxxxxxxxxxxxxxxxxxx>
Priority: Normal
X-Mailer: PMMail 2000 Professional (2.10.2010) For Windows 2000 (5.0.2195)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Subject: suEXEC minUID/minGID setting
Delivered-To: submit@xxxxxxxxxxxxxxx


Package: apache
Version: 1.3.X-X

The debian apache package uses the default minUID/minGID
settings for the suEXEC wrapper (minUID=100/minGID=100).

The debian-policy manual [1] states that accounts in the
UID range 100-999 are dynamically allocated by _system_
users and groups (e.g. identd, gdm, postfix).

I would recommend to set minUID and minGID to 1000.

[1] http://www.debian.org/doc/debian-policy/ch3.html#s3.2




---------------------------------------
Received: (at 74228-close) by bugs.debian.org; 26 Jun 2003 15:09:02 +0000
>From katie@xxxxxxxxxxxxxxxx Thu Jun 26 10:09:02 2003
Return-path: <katie@xxxxxxxxxxxxxxxx>
Received: from auric.debian.org [206.246.226.45] 
        by master.debian.org with esmtp (Exim 3.35 1 (Debian))
        id 19VYMv-00051a-00; Thu, 26 Jun 2003 10:09:01 -0500
Received: from katie by auric.debian.org with local (Exim 3.35 1 (Debian))
        id 19VYGi-0004zA-00; Thu, 26 Jun 2003 11:02:36 -0400
From: fabbione@xxxxxxxxxxxx (Fabio M. Di Nitto)
To: 74228-close@xxxxxxxxxxxxxxx
X-Katie: $Revision: 1.34 $
Subject: Bug#74228: fixed in apache 1.3.27.0-2
Message-Id: <E19VYGi-0004zA-00@xxxxxxxxxxxxxxxx>
Sender: Archive Administrator <katie@xxxxxxxxxxxxxxxx>
Date: Thu, 26 Jun 2003 11:02:36 -0400
Delivered-To: 74228-close@xxxxxxxxxxxxxxx

We believe that the bug you reported is fixed in the latest version of
apache, which is due to be installed in the Debian FTP archive:

apache-common_1.3.27.0-2_i386.deb
  to pool/main/a/apache/apache-common_1.3.27.0-2_i386.deb
apache-dev_1.3.27.0-2_i386.deb
  to pool/main/a/apache/apache-dev_1.3.27.0-2_i386.deb
apache-doc_1.3.27.0-2_all.deb
  to pool/main/a/apache/apache-doc_1.3.27.0-2_all.deb
apache-ssl_1.3.27.0-2_i386.deb
  to pool/main/a/apache/apache-ssl_1.3.27.0-2_i386.deb
apache_1.3.27.0-2.diff.gz
  to pool/main/a/apache/apache_1.3.27.0-2.diff.gz
apache_1.3.27.0-2.dsc
  to pool/main/a/apache/apache_1.3.27.0-2.dsc
apache_1.3.27.0-2_i386.deb
  to pool/main/a/apache/apache_1.3.27.0-2_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 74228@xxxxxxxxxxxxxxx,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Fabio M. Di Nitto <fabbione@xxxxxxxxxxxx> (supplier of updated apache package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@xxxxxxxxxx)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 26 Jun 2003 15:31:43 +0200
Source: apache
Binary: apache-dev apache apache-common apache-doc apache-ssl
Architecture: source i386 all
Version: 1.3.27.0-2
Distribution: unstable
Urgency: low
Maintainer: Debian Apache Maintainers <debian-apache@xxxxxxxxxxxxxxxx>
Changed-By: Fabio M. Di Nitto <fabbione@xxxxxxxxxxxx>
Description: 
 apache     - Versatile, high-performance HTTP server
 apache-common - Support files for all Apache webservers
 apache-dev - Apache webserver development kit
 apache-doc - Apache webserver docs
 apache-ssl - Versatile, high-performance HTTP server with SSL support
Closes: 47395 63217 74228 129570 134691 144723 150612 153523 161639 175849 
176061 176077 186574 190341 196945
Changes: 
 apache (1.3.27.0-2) unstable; urgency=low
 .
   * (Fabio M. Di Nitto)
     - moved suexec from apache-common to apache
     - ssl-certicate updated by Andrea Mennucci (Closes: #175849)
     - added ssl-certicate man page (Closes: #129570)
     - fixed a bunch of linda/lintian warnings
     - update mime.types for ogg application (RFC3534)
     - apache-ssl merge: now it will be built in sync with apache
     - updated Debian standards to 3.5.10
     - png icons are fixed at build time (Closes: #150612)
     - do not restart apache in logrotate if it was not running before
       (Closes: #134691)
     - updated mod_eaccess to 2.3.3.9
       (Closes: #190341)
     - updated languages in httpd.conf (Closes: #144723)
       Thanks to Pierfrancesco Caci <pf@xxxxxxx> for the patch
     - Closing bugs related to/fixed by NMU's (apache-ssl)
       Normal   (Closes: #176061, #176077)
   * (Thom May)
     - document suexec's default config
     - stop copying suexec.{c,h} to /usr/share/doc/apache (Closes: #47395)
   * (Tollef Fog Heen)
     - Ask about suExec on install (closes: #161639, #153523, #63217)
     - Bump MINUID in suexec.h to 1000 (closes: #74228)
     - Get rid of /usr/doc/apache-ssl symlink
     - Don't create /etc/apache{,-ssl}/conf symlink
     - libmagic1 is now a dependency to support correctly mod_mime_magic,
       also fix default path to magic file in httpd.conf.
       (Closes: #186574)
     - Postinst cleanup and factoring of common parts.  Get rid of
       pre-potato transition stuff. (Closes: #196945)
     - Stop echoing in postrm, since it confuses debconf.
     - Move adduser calls to apache-common also make the adduser and
       addgroup calls non-conditional.
Files: 
 b7ae94153a77c08a97dc013d700cf2c0 842 web optional apache_1.3.27.0-2.dsc
 5926b939a021a72c86afbd984bb57b06 435428 web optional apache_1.3.27.0-2.diff.gz
 4785f02d9f45b67050c37142e54ec721 1037970 doc optional 
apache-doc_1.3.27.0-2_all.deb
 3fc0196d46430a36dbb90a3f8134fb75 369808 web optional apache_1.3.27.0-2_i386.deb
 e5c38bb783381723e9b999b25cd92a16 417236 web optional 
apache-ssl_1.3.27.0-2_i386.deb
 1122e3194e876ebfd35f8db0504a8730 1621524 devel extra 
apache-dev_1.3.27.0-2_i386.deb
 66d91dc5ad6ef5c05b6ef3b7cc4fa82f 780840 web optional 
apache-common_1.3.27.0-2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE++wlNhCzbekR3nhgRAgQ8AJsEwfP86S4OZd5G/jQA8F76nacTVACfX1ft
LXFnwzwbtemG4RT0ztL0lT4=
=llfp
-----END PGP SIGNATURE-----