segfault with assigned user id on OpenShift by arminabf · Pull Request #2046 · owasp-modsecurity/ModSecurity (original) (raw)

When running httpd on OpenShift, by default the server instance will run with an assigned user ID not appearing in the UNIX password file.

There are several places in the code of mod_security where the user name is tried to retrieved by use of apr_uid_name_get(). As the function can not find a corresponding user name it returns with an error (and argument pointer being NULL). Due to missing error handling constant segmentation faults are faced on OpenShift.

As a fallback on OpenShift (and probably other container platforms), the user id should be used instead of the user name.