Date: Thu, 05 Sep 1996 16:56:14 -0400 From: Gary Chrysler <tcg@ime.net> To: Dave Andersen <angio@aros.net> Cc: freebsd-questions@freebsd.org Subject: Re: suidperl from httpd not working Message-ID: <322F3E6E.2127@ime.net> References: <199609051935.NAA00503@terra.aros.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Dave Andersen wrote:
>
> Lo and behold, Gary Chrysler once said:
>
> > Ouch, That seems like a hole to me.. Course I really don't know!
>
> Nope. It's the right way to do it.
>
> > Also I'm thinking again.. :(
> > So if that was to be done wouldn't ya also want to set em back
> > after the script runs????
>
> > execv("my perl script", argv);
> > setuid(uid);
> > seteuid(euid);
>
> No. execv() replaces the currently executing program with whatever
> you exec() to. The second setuid and seteuid calls are never reached -
> or shouldn't be if there aren't any errors.
>
> You don't retain your setuidness after the program exits; the setuid
> call only affects the program and its children, not the parent process.
>
I see said the blind man as he picked up his hammer and saw!
Thanks Dave.
Take care!
-Enjoy
Gary
~~~~~~~~~~~~~~~~
Improve America's Knowledge... Share yours
The Borg... Where minds meet
(207) 929-3848
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?322F3E6E.2127>