Date: Thu, 05 Sep 1996 10:59:35 -0400 From: Gary Chrysler <tcg@ime.net> To: Jeffrey Wheat <jeff@tad.cetlink.net> Cc: Paul Walsh <paul@nation-net.com>, freebsd-questions@freebsd.org Subject: Re: suidperl from httpd not working Message-ID: <322EEAD7.73A@ime.net> References: <199609051332.JAA27682@tad.cetlink.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Jeffrey Wheat wrote: > > In reply to Paul Walsh's email > > Is there any way an httpd user (nobody) can run a setuid perl script through > > cgi? Does it have to be a 'real' user. > > Paul, > I use a wrapper to do this. > > main(argc,argv) > int argc; > char **argv; > { > setuid(0); > seteuid(0); > execv("my perl script", argv); > } > Ouch, That seems like a hole to me.. Course I really don't know! Also I'm thinking again.. :( So if that was to be done wouldn't ya also want to set em back after the script runs???? ie: (Warning! I am a thief! I stole this code from above and tweeked. :) main(argc,argv) int argc; char **argv; { int uid = getuid(); int euid = geteuid(); setuid(0); seteuid(0); execv("my perl script", argv); setuid(uid); seteuid(euid); } Or something like that, Data types may not be right, But the idea is. Nope, I'm no guru here, Just stinking outloud! -Enjoy Gary ~~~~~~~~~~~~~~~~ Improve America's Knowledge... Share yours The Borg... Where minds meet (207) 929-3848
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?322EEAD7.73A>