Date: Thu, 5 Sep 1996 13:35:15 -0600 (MDT) From: Dave Andersen <angio@aros.net> To: tcg@ime.net Cc: freebsd-questions@freebsd.org Subject: Re: suidperl from httpd not working Message-ID: <199609051935.NAA00503@terra.aros.net> In-Reply-To: <322EEAD7.73A@ime.net> from "Gary Chrysler" at Sep 5, 96 10:59:35 am
next in thread | previous in thread | raw e-mail | index | archive | help
Lo and behold, Gary Chrysler once said:
> Ouch, That seems like a hole to me.. Course I really don't know!
Nope. It's the right way to do it.
> Also I'm thinking again.. :(
> So if that was to be done wouldn't ya also want to set em back
> after the script runs????
> execv("my perl script", argv);
> setuid(uid);
> seteuid(euid);
No. execv() replaces the currently executing program with whatever
you exec() to. The second setuid and seteuid calls are never reached -
or shouldn't be if there aren't any errors.
You don't retain your setuidness after the program exits; the setuid
call only affects the program and its children, not the parent process.
Dave Andersen
--
angio@aros.net Complete virtual hosting and business-oriented
system administration Internet services. (WWW, FTP, email)
http://www.aros.net/ http://www.aros.net/about/virtual
"There are only two industries that refer to their customers as 'users'."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199609051935.NAA00503>