Hi, Can there be a setuid perl script which when executed, runs with the privileges of owner of the file ie:- I am root chown root:root /bin/myscript.pl chmod +s /bin/myscript.pl
Now I am a local user /bin/myscript.pl and myscript.pl contains some code which need root privileges to run. On Wednesday 15 February 2006 23:21, Jay Savage wrote: > On 2/15/06, Tom Phoenix <[EMAIL PROTECTED]> wrote: > > On 2/14/06, nishanth ev <[EMAIL PROTECTED]> wrote: > > > I want to start and stop a serviec using cgi script. > > > > Thanks for including your new code. It doesn't seem to change anything > > important, though. Have you tried any of the suggestions you've > > already gotten? Did you use $< and $> to learn what user-id the script > > is running under? Did you capture the output of the command you're > > running, to see whether it's trying to tell you something? > > > > Cheers! > > Also, what permissions do you have enabled (or disabled) in httpd.conf > and htaccess? If the script is owned by root, there's a good change > it's not executable by the web user (usually www or nobody) unless > it's world executable. And if it is world executable, then there's a > whole other set of issues. try changing the ownership to 'www' or > 'nobody'. Otherwise, you'll have to dig into the apache conf files. > > Web servers actually go to a great deal of trouble to prevent what > you're doing. It's possible if you wrk at it hard enough, but it's a > bad idea. if someone can find a way to get a file into a +EXEC > directory on your webserver (if your permissions are this loose, it's > probably not hard), and you allow scipts to be executed as root... > > It's much better to use a cron job that monitors a file, or a deamon > that waits for input from a CGI script and does some basic > verification and sanity checks. > > just my $.02, > > -- j > -------------------------------------------------- > This email and attachment(s): [ ] blogable; [ x ] ask first; [ ] > private and confidential > > daggerquill [at] gmail [dot] com > http://www.tuaw.com http://www.dpguru.com http://www.engatiki.org > > values of β will give rise to dom! -- Easy things should be easy, and hard things should be possible -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] <http://learn.perl.org/> <http://learn.perl.org/first-response>
