From owner-freebsd-security Wed Nov 13 22: 9:40 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9BD1637B401 for ; Wed, 13 Nov 2002 22:09:36 -0800 (PST) Received: from smtp02.wlv.untd.com (smtp02.wlv.untd.com [209.247.163.58]) by mx1.FreeBSD.org (Postfix) with SMTP id BD0C243E75 for ; Wed, 13 Nov 2002 22:09:35 -0800 (PST) (envelope-from idiot1@netzero.net) Received: (qmail 17672 invoked from network); 14 Nov 2002 06:06:53 -0000 Received: from dialup-65.58.237.105.dial1.tampa1.level3.net (HELO netzero.net) (65.58.237.105) by smtp02.wlv.untd.com with SMTP; 14 Nov 2002 06:06:53 -0000 Message-ID: <3DD33DA6.55DB03A@netzero.net> Date: Thu, 14 Nov 2002 01:07:34 -0500 From: Kirk Bailey Organization: Silas Dent Memorial Cabal of ERIS Esoteric and hot dog boiling society X-Mailer: Mozilla 4.79 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: "security@FreeBSD.ORG" Subject: Re: list scripts, permissions, and ownerships. References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org oops. I quote: 7.Is the target user NOT superuser? Presently, suEXEC does not allow 'root' to execute CGI/SSI programs. Alas, the file appears to be owned by root. Now what? Noah K Sematimba wrote: > > I think that perhaps you need to read about apache's suEXEC mechanism: > > http://httpd.apache.org/docs/suexec.html > > cheers, > > Sematimba Noah Kevin > Systems Administrator > Africa Online Uganda Limited > Commercial Plaza Kampala Road > e-mail: ksemat@africaonline.co.ug > WEB: http://www.africaonline.co.ug > TEL: +256(41)258143 > FAX: +256(41)258144 > > On Wed, 13 Nov 2002, Kirk Bailey wrote: > > > I have a problem. I am writing a script to create lists, and another to destroy > > them- that is, MAIL lists, such as mailman, majordomo, and mojomail and tinylist > > all work with. (I write TinyList.) > > > > The aliases file must have certain permissions, and it appears to be 644 in my > > freebsd box- hope that's correct, but it works fine. And the ownership is root, > > and that works fine. > > > > well, apache in the box is nobody:wheel and runs scripts as such. I have the > > scripts owned nobody:wheel also. They run, but it cannot access the aliases > > file-permissions/ownerships. OK, changed the relevant scripts' ownerships to > > root (gasp!) and tried to run things that way. still no luck. Scripts apparently > > are running as nobody, even though owned by root. > > > > OK, a few questions. > > > > First, how to I get a script to discover what identity it is running as? > > > > Second, how can I insure it runs as a particular identity(so as to be compatable > > with the email system), when run by the web server? > > > > third, what are the correct ownerships and permissions for /etc/mail and for > > aliases? Just want to make sure I have things right. > > > > > > > > > > -- > > > > end > > > > Respectfully, > > Kirk D Bailey > > > > > > +---------------------"Thou Art Free." -Eris-----------------------+ > > | http://www.howlermonkey.net mailto:highprimate@howlermonkey.net | > > | KILL spam dead! http://www.scambusters.org/stopspam/#Pledge | > > | http://www.tinylist.org +--------+ mailto:grumpy@tinylist.org | > > +------------------Thinking| NORMAL |Thinking----------------------+ > > +--------+ > > --------------------------------------------- > > Introducing NetZero Long Distance > > 1st month Free! > > Sign up today at: www.netzerolongdistance.com > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > -- end Respectfully, Kirk D Bailey +---------------------"Thou Art Free." -Eris-----------------------+ | http://www.howlermonkey.net mailto:highprimate@howlermonkey.net | | KILL spam dead! http://www.scambusters.org/stopspam/#Pledge | | http://www.tinylist.org +--------+ mailto:grumpy@tinylist.org | +------------------Thinking| NORMAL |Thinking----------------------+ +--------+ --------------------------------------------- Introducing NetZero Long Distance 1st month Free! Sign up today at: www.netzerolongdistance.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message