Date: Wed, 13 May 1998 16:15:27 -0600 From: Scott Brown <skb@asgard.slcc.edu> To: Doug White <dwhite@resnet.uoregon.edu> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Running quota(1) with setuid Message-ID: <355A1B7F.70D4@asgard.slcc.edu> References: <Pine.BSF.3.96.980513144108.1690O-100000@gdi.uoregon.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Doug White wrote:
>
> On Sat, 5 Sep 1998, Scott Brown wrote:
>
> > I'm trying to run quota(1) as root (as part of a CGI script), but I'm
> > not getting the results I want. I've done "chmod 4755 quota", which in
> > theory should allow any user to look at any other user's quota info, but
> > quota still gives me the "permission denied" error. What am I missing?
>
> Are you sure you're running the right quota binary? Try giving an
> explicit path.
Yes. I actually copied the quota binary to the cgi-bin directory,
renaming it 'ckquota' -- mainly so that I could mess with it without
breaking the original copy.
The CGI interface is working correctly, as far as it goes. If I ask it
for user "www"'s quotas, it'll show them to me (because I have Apache
running in its own account, named "www"). If I ask for any other user's
quotas, I get an empty document returned, and a line in my
httpd-error.log like this:
ckquota: skb (uid 1001): permission denied
Which is quite in line with what the quota(1) man page says should
happen. So adding the setuid bit to ckquota hasn't changed its behavior
at all. Incidentally, ckquota is owned by "root:www".
I'm lost. I thought I understood how setuid stuff worked, but I'm
having doubts...
-Scott
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?355A1B7F.70D4>