From: Dave Andersen
Message-Id: <199609051935.NAA00503@terra.aros.net>
Subject: Re: suidperl from httpd not working
To: tcg@ime.net
Date: Thu, 5 Sep 1996 13:35:15 -0600 (MDT)
Cc: freebsd-questions@freebsd.org
In-Reply-To: <322EEAD7.73A@ime.net> from "Gary Chrysler" at Sep 5, 96 10:59:35 am

Lo and behold, Gary Chrysler once said:

> Ouch, That seems like a hole to me.. Course I really don't know!

Nope. It's the right way to do it.

> Also I'm thinking again.. :(
> So if that was to be done wouldn't ya also want to set em back
> after the script runs????
> execv("my perl script", argv);
> setuid(uid);
> seteuid(euid);

No. execv() replaces the currently executing program with whatever
you exec() to. The second setuid and seteuid calls are never reached - or
shouldn't be if there aren't any errors.

You don't retain your setuidness after the program exits; the setuid
call only affects the program and its children, not the parent process.

Dave Andersen
--
angio@aros.net
Complete virtual hosting and business-oriented system administration Internet services. (WWW, FTP, email)
http://www.aros.net/ http://www.aros.net/about/virtual
"There are only two industries that refer to their customers as 'users'."
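The behaviour described in the reply above, as an added example that is not part of the original message or of any code from the thread: a child process changes its uid and calls execv(), the line after execv() runs only when the exec fails, and the parent's credentials stay as they were. The helper name `run_as`, the uid 65534 and the path `/nonexistent/prog` are assumptions made for the demonstration.

```c
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Fork, switch the child to `uid`, then exec `path`. Returns the child's
 * exit status: 126 if setuid() failed, 127 if execv() failed, -1 on
 * fork/wait errors or death by signal. (Hypothetical helper.) */
int run_as(uid_t uid, const char *path, char *const argv[])
{
    int status;
    pid_t pid = fork();

    if (pid < 0)
        return -1;
    if (pid == 0) {
        /* Child only: the parent's credentials are untouched.
         * A real wrapper would also set groups (setgroups/setgid) first. */
        if (setuid(uid) != 0)
            _exit(126);
        execv(path, argv);
        /* Reached only if execv() failed; on success this image is gone. */
        _exit(127);
    }
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* Assumption: 65534 is an unprivileged uid ("nobody") on this system. */
    uid_t target = geteuid() == 0 ? 65534 : getuid();
    uid_t before = geteuid();
    char uidstr[32];

    snprintf(uidstr, sizeof uidstr, "%lu", (unsigned long)target);
    /* The exec'd shell exits 0 only if it really runs as `target` ($0). */
    char *ok[] = { "sh", "-c", "[ \"$(id -u)\" = \"$0\" ]", uidstr, NULL };
    char *bad[] = { "nope", NULL };

    printf("child as uid %s: exit %d\n", uidstr, run_as(target, "/bin/sh", ok));
    printf("failed exec:     exit %d\n", run_as(target, "/nonexistent/prog", bad));
    printf("parent euid %lu -> %lu\n", (unsigned long)before,
           (unsigned long)geteuid());
    return 0;
}
```

Run as root, the first line shows the exec'd shell running under the dropped uid while the last line shows the parent's euid unchanged.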