On Fri, Jan 09, 2004 at 01:11:35PM -0500, Bob Ammerman wrote: > I am far from being a Linux expert, but... > > Don't 'setuid' the script. Rather, 'setuid' the binary program and chown it > to 'root'. Then stick that binary somewhere that only an apache run script can get to it. BAJ > > Bob Ammerman > RAm Systems > > > ----- Original Message ----- > From: "Jesse Lackey" > To: > Sent: Friday, January 09, 2004 11:46 AM > Subject: Re: [OT]: Linux Help > > > > Linux does not honor suid shell scripts for security reasons: > > > http://lists.debian.org/debian-security/2000/debian-security-200006/msg00025.html > > > > I ran into this awhile ago. I wrote a little binary that's suid root to > > run some scripts I have that must run as root. > > I don't know the situation for perl. > > > > Jesse > > > > Herbert Graf wrote: > > >>Suid works here. Make the program root.root 4510 and have it touch a > file > > >>in /tmp. This will tell you what permissions it runs under. > > >> > > >>Peter > > > > > > > > > I have the following set: > > > -rwsr-xr-x 1 root root 239 Jan 8 21:05 test.pl > > > > > > and get the following when I run as another user: > > > # ./test.pl > > > Can't do setuid > > > > > > Thanks, TTYL > > > > > > ---------------------------------- > > > Herbert's PIC Stuff: > > > http://repatch.dyndns.org:8383/pic_stuff/ > > > > > > -- > > > http://www.piclist.com hint: The PICList is archived three different > > > ways. See http://www.piclist.com/#archives for details. > > > > > > > > > > > > -- > > "There are 10 kinds of people in the world; those who understand binary > > and those who don't." > > > > -- > > http://www.piclist.com hint: The PICList is archived three different > > ways. See http://www.piclist.com/#archives for details. > > > > -- > http://www.piclist.com hint: The PICList is archived three different > ways. See http://www.piclist.com/#archives for details. -- http://www.piclist.com hint: The PICList is archived three different ways. See http://www.piclist.com/#archives for details.