Conflict between suhosin and roundcube

interfasys

From the logs
Code:
ALERT - script tried to disable memory_limit by setting it to a negative value -1 bytes which is not allowed (attacker 'REMOTE_ADDR not set', file '/var/www/html/roundcubemail-1.0.3/bin/indexcontacts.sh', line 25)

The suhosin config in the .ini file should perhaps add an exception for that script.
 
Thank you for the report :) It's fixed in rev. 1066. To fix it instantly on your system:
Code:
perl -pi -e 's#^\#\!/usr/bin/env php#\#\!/usr/local/bin/php \-n#' /var/www/html/roundcube/bin/msgimport.sh
perl -pi -e 's#^\#\!/usr/bin/env php#\#\!/usr/local/bin/php \-n#' /var/www/html/roundcube/bin/indexcontacts.sh
perl -pi -e 's#^\#\!/usr/bin/env php#\#\!/usr/local/bin/php \-n#' /var/www/html/roundcube/bin/msgexport.sh

That way suhosin wouldn't be loaded at all when executing these bash scripts.
 
Same log error again on roundcube 1.04 update.
Code:
suhosin[26959]: ALERT - script tried to disable memory_limit by setting it to a negative value -1 bytes which is not allowed (attacker 'REMOTE_ADDR not set', file '/var/www/html/roundcubemail-1.0.4/bin/indexcontacts.sh', line 25)

indexcontacts.sh script head
Code:
#!/usr/local/bin/php -n
<?php
/*
 +-----------------------------------------------------------------------+
 | bin/indexcontacts.sh                                                  |

CentOS 6.6 (32bits) and CustomBuild 2.0.0-RC7 (rev: 1178)
 
redesb, are you sure your suhosin extension was installed using CB 2.0, and not manually? You might have suhosin.so loaded in your main php.ini file.
 
Yes, very sure. See the content of /usr/local/php53/lib/php.conf.d/10-directadmin.ini
Code:
extension_dir=/usr/local/php53/lib/php/extensions/no-debug-non-zts-20090626
extension=suhosin.so
suhosin.session.encrypt=Off
zend_extension=/usr/local/lib/ZendGuardLoader5.3.so
 
And what about the following:
Code:
grep 'suhosin' /usr/local/php53/lib/php.ini
 
There is no 'suhosin' in /usr/local/php53/lib/php.ini.
Is 'suhosin', when compiled by CB, not included by default?
What do I need to do to correct the problem?

TIA
 
I still think there must be a misconfiguration somewhere on your server :) May I check it directly on the server free of charge?
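
An added diagnostic sketch (not from any poster in this thread, and not DirectAdmin or Roundcube code) for the two things the thread keeps checking: whether each script in Roundcube's bin/ directory has a shebang that passes `-n`, and whether a given PHP binary still lists suhosin in `php -m` with and without `-n`. The function names are hypothetical and the directory argument is whatever path your install uses.

```shell
#!/bin/sh
# Added example. Function names are hypothetical helpers, not project code.

# Classify the first line of a PHP CLI script:
#   no-ini      shebang passes -n (php.ini and scan dir are skipped)
#   loads-ini   shebang present but without -n (e.g. "#!/usr/bin/env php")
#   no-shebang  file does not start with "#!"
shebang_status() {
    line=$(head -n 1 "$1" | tr -d '\r')
    case "$line" in
        '#!'*' -n'|'#!'*' -n '*) echo "no-ini" ;;
        '#!'*)                   echo "loads-ini" ;;
        *)                       echo "no-shebang" ;;
    esac
}

# Return 0 if the interpreter (plus optional flags) lists suhosin in `-m`.
# Usage: suhosin_loaded /usr/local/bin/php        -> ini files honoured
#        suhosin_loaded /usr/local/bin/php -n     -> ini files skipped
suhosin_loaded() {
    "$@" -m 2>/dev/null | grep -qi '^suhosin$'
}

# Print "<status><TAB><file>" for every *.sh in the given bin/ directory.
audit_bin_dir() {
    for f in "$1"/*.sh; do
        [ -f "$f" ] || continue
        printf '%s\t%s\n' "$(shebang_status "$f")" "$f"
    done
}

# Run the audit when a directory is passed on the command line.
if [ "$#" -gt 0 ]; then
    audit_bin_dir "$1"
fi
```

The shebang is only honoured when the script is executed directly; a cron job or wrapper that runs `php indexcontacts.sh` starts PHP without `-n`, so the ini files (and suhosin) are loaded regardless of the first line.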
 