From owner-freebsd-security Fri Mar 28 00:04:29 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id AAA26637 for security-outgoing; Fri, 28 Mar 1997 00:04:29 -0800 (PST) Received: from warp10.smartlink.net (smartlink.net [204.118.4.2]) by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id AAA26632; Fri, 28 Mar 1997 00:04:25 -0800 (PST) Received: from localhost by warp10.smartlink.net(8.6.12/SMARTLINK-1.0) with id AAA28850 SMTP for on Fri, 28 Mar 1997 00:07:05 -0800 From: joe@vpop.net (Joe McDonald) To: "Alejandro Vázquez C." , mreimer@vpop.net Cc: freebsd-bugs@freebsd.org, freebsd-security@freebsd.org, Alejandro Vazquez , Carlos Mercado Subject: Re: SetUID & Apache in 2.2-RELEASE... Date: Fri, 28 Mar 1997 00:04:17 -0800 Organization: VPOP Technologies Inc. Message-ID: <33857ad5.120712265@localhost> References: <333B35DA.2BF3@sui.gda.itesm.mx> <333B7166.7EAF@sui.gda.itesm.mx> In-Reply-To: <333B7166.7EAF@sui.gda.itesm.mx> X-Mailer: Forte Agent 1.0/32.390 MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk A co-worker ran into a similiar problem. He dug into the perl source and found that it checks it's name and if it's not perl, it won't go suid. So that: #!/usr/local/bin/perl5 would *not* work but #!/usr/local/bin/perl would work. I'm not sure of the version, but perhaps this is the problem? regards, -joe On Fri, 28 Mar 1997 01:21:10 -0600, "Alejandro Vázquez C." spaketh: >Alejandro Vázquez C. wrote: > > I used to have some setuids CGIs running with my 2.1.5 fbsdbox, and > > them executed pretty well with Apache 1.1.1 & Perl 5.002. > > Now, I upgraded to 2.2-RELEASE, Apache 1.2b7 & Perl 5.003, and none > of > the setuids cgis run (being executed by anybody but root). When I > remove from them the setuid flag, they can be executed (but I need > to > execute them as setuids). Any Ideas? Thanx in advance... > >New data about this: >Other FBSD 2.2 boxes with Perl5.003 can do the job (execute a setuid cgi >under Apache 1.2b7). I think it's a compatibility problem in the script >itself (Larry, are you there? If so, why can't I use my old 5.002 >setuid-scripts with 5.003). > > ============================================================================= * NewsHub: Updated every 15 minutes/24 hours a day! * http://newshub.com/