Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 1 Jun 2001 19:00:27 -0400 (EDT)
From:      "Dan Mahoney, System Admin" <danm@prime.gushi.org>
To:        security@freebsd.org, questions@freebsd.org
Subject:   SetUID shell/perl scripts.
Message-ID:  <Pine.BSF.4.21.0106011839340.95298-100000@prime.gushi.org>

next in thread | raw e-mail | index | archive | help
In articles dating as far back as 1997, I see people saying that freeBSD
doesn't support setuid shell scripts.

Does the system make an exception for apache?  Because I'm able to run
setuid root cgi scripts (and they're /usr/bin/perl, not /usr/bin/suidperl,
although they still perform taint checking)  (yes, I know, dangerous).  
Or is it because apache runs its parent process as root, and will jump
down to "nobody" to run scripts, unless they're setuid, in which case it
will suid to whoever.  To my knowledge, I'm not using cgiwrap or suexec.

-Dan


--

"Man, this is such a trip"

-Dan Mahoney, October 25, 1997

--------Dan Mahoney--------
Techie,  Sysadmin,  WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144   AIM: LarpGM
Web: http://prime.gushi.org
finger danm@prime.gushi.org 
for pgp public key and tel#
---------------------------



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0106011839340.95298-100000>