PHP :: Bug #190 :: UID of server process in HTTP authentication realm

Bug #190	UID of server process in HTTP authentication realm
Submitted:	1998-03-19 07:03 UTC	Modified:	1998-03-21 20:19 UTC
From:	alphen at craxx dot com	Assigned:	rasmus (profile)
Status:	Closed	Package:	Other
PHP Version:	3.0b6	OS:	Linux 2.0.33 (RedHat 5.0)
Private report:	No	CVE-ID:	None

View Developer Edit

[1998-03-19 07:03 UTC] alphen at craxx dot com

Hi All,

Whenever I use this test.php3

<?
header("HTTP/1.1 401 Authorization Required");
header("WWW-Authenticate: Basic realm=\"SQL\"");
?>

(order doesn't matter here, i tried)

I get (using telnet www 80):

HTTP/1.1 401 Authorization Required
Date: Fri, 20 Mar 1998 11:54:15 GMT
Server: Apache/1.2.5 Ben-SSL/1.13
WWW-Authenticate: Basic realm="502 SQL"
Connection: close
Content-Type: text/html

Connection closed by foreign host.

In other words: the UID of the server process (with suexec, this is 502) is in the auth realm. Using a plain .htaccess file, this is not the case.

As you can see I'm using Apache 1.2.5 with SSL hacks (Apache-SSL). This is through a non-SLL connection.

Furthermore, PHP3.0b6 is linked agains MySQL3.21...mumble

I've looked through the php and apache source but couldn't find anything useful.

Thanks,

Laurens van Alphen
alphen@craxx.com

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[1998-03-21 20:19 UTC] rasmus

This is not a bug.  Expected behaviour when PHP is running in safe mode.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Dec 21 17:01:58 2024 UTC