[users@httpd] "IncludesNoExec" complains "unable to include potential exec"

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I use ".ssi" as the extension for SSI files and use this option in
".htaccess":
    AddOutputFilter INCLUDES .ssi
Everything worked until two days ago, when the Linux installation was
changed from SuSE to Fedora (Fedora Core 3). SSI virtual includes like:
    <!--#include virtual="/~masatran/includes/header.en-us.xhtml.utf8.ssi"-->
now print:
    [an error occurred while processing this directive]

XML WARNING: These webpages are served as "application/xhtml+xml" to
browsers which accept it. XML errors are unlike HTML errors; a XML document
with an error causes only the error to be displayed. So, the source needs to
be viewed.

Example webpage: <http://research.iiit.ac.in/~masatran/>. The first line is:
    <!--#include virtual="/~masatran/includes/header.en-us.xhtml.utf8.ssi"-->

The included webpage fragment
<http://research.iiit.ac.in/~masatran/includes/header.en-us.xhtml.utf8.ssi>
is accessible by the browser.

".htaccess": <http://research.iiit.ac.in/~masatran/.htaccess>

I did not change anything after the re-installation. (To simplify this
question, I substituted the value of an environment variable, and gave the
filename extension instead of using Multiviews.)

The error log says:
    [Mon Apr 04 01:04:04 2005] [error] [client 172.16.7.36] unable to include potential exec "/~masatran/includes/header.en-us.xhtml.utf8.ssi" in parsed file /research/cde/masatran/public_html/index.en-us.xhtml.utf8.ssi

I am not executing anything; I am including one file in another.

In "httpd.conf", the directory has:
    Options MultiViews Indexes FollowSymlinks IncludesNoExec
On changing this to:
    Options MultiViews Indexes FollowSymlinks Includes
everything works.

But the sysadmin said that he would change it back after a few days; so I
need this to work with "IncludesNoExec".

The (new) httpd gives its version as "Apache/2.0.52 (Fedora)" (in directory
listings).
-- 
Deepak, R. <http://research.iiit.ac.in/~masatran/>

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux