fork in cgi

fork in cgi

Post by Frank Sonnenbur » Fri, 08 May 1998 04:00:00



I have discovered a problem when fork()-ing in CGI scripts.

The target is to start a process in the background within
a CGI script. I'm writing my scripts in C, so I use fork()
to create a new process.

Now, I want the child process to remain in the background
while the parent process should print some html output and
then exit.

BUT THE SERVER WON'T SEND ANY DATA UNLESS THE CHILD TERMINATES!

Here is a very short example; I tried CERN and Apache servers.
When started from a console, we get the desired result:
Output printed, prompting for new commands while background
process still running.

===

#include <stdio.h>
#include <unistd.h>

int main( void )
{
  puts( "Content-Type: text/html\n" );

  if ( fork() == 0 ) {
    /* child process */
    /* server won't return unless it terminates */
    execl( "/usr/bin/sh", "sh", "-c", "sleep 10", NULL );
  }
  /* parent process */
  puts( "<EM> sleep started! </EM>" );

  return 0;

Quote:}

 
 
 

fork in cgi

Post by Marc Slemk » Fri, 08 May 1998 04:00:00



Quote:>I have discovered a problem when fork()-ing in CGI scripts.
>The target is to start a process in the background within
>a CGI script. I'm writing my scripts in C, so I use fork()
>to create a new process.
>Now, I want the child process to remain in the background
>while the parent process should print some html output and
>then exit.
>BUT THE SERVER WON'T SEND ANY DATA UNLESS THE CHILD TERMINATES!
>Here is a very short example; I tried CERN and Apache servers.
>When started from a console, we get the desired result:
>Output printed, prompting for new commands while background
>process still running.

Close stdout in the child.

Be sure to fflush(stdout) before forking though, or you may get
dupe output.

 
 
 

1. /cgi-bin/phf /cgi-bin/test-cgi /cgi-bin/handler

I've been seeing a number of attacks of this sort recently
from various sites in the http logs.  The time correlation
between the logs on various hosts suggests that the attacker
was scanning sequentially upward in IP addresses.  Since all
tcp and udp packets to ports below 1024 except for http,
smtp, and ident are filtered out for most, including the
attacking, sites, I'm not seeing anything else in the logs.

209.61.73.47 - - [04/Jul/1998:07:19:27 -0500] "GET /cgi-bin/phf" 404 -
209.61.73.47 - - [04/Jul/1998:07:19:28 -0500] "GET /cgi-bin/test-cgi" 404 -
209.61.73.47 - - [04/Jul/1998:07:19:28 -0500] "GET /cgi-bin/handler" 404 -

Is this a signature of some known attackware?  If so, what
other attacks accompany these http probes?

--

2. Diamond Stealth 3D 3400 freezes XF86 Need help.

3. comsat forking, forking and forking (3.2.0)

4. Linux Newbi q pls help

5. Forking processes from cgi...

6. XFree86 VESA

7. Problems forking a background process from CGI

8. FTP Mirroring Software

9. CGI / fork question

10. Perl CGI won't fork with mod_perl in Apache

11. Trouble with fork from CGI

12. How to disassociate CGI forked tasks from httpd?

13. Making CGI app.fork server proc and not block HTTPD