> On Fri, Jan 09, 2004 at 04:00:44PM -0500, Herbert Graf wrote:
>
> Herbert,
>
> I hadn't heard back. Any luck?

        Nope.

> >>3) What is the connection between the script and the program that
> >>accesses the
> >>   webcam?
> >
> >   I checks a few files,
> >   runs the capture program,
>
> Now here's the interesting part. Since the executable is suid
> root, and anyone
> can run it, then when Apache runs this, it should turn suid root and work.
> Could the problem be where you are running the application? The
> command line
> will have a different working directory than when apache runs.

        The app, although it's setuid root, always reports permission denied. I
changed the source to print out the uid it's running under, and when run as
root it reports being run at uid zero, yet when I run it as another user,
even though it has the setuid bit set, it reports a uid of 500. I can't
figure out why the setuid isn't working.

        I haven't had much more time to deal with this, however it's a perfect
example of why Linux is still slow to catch on, simple things like this can
hit experienced people, imagine a user who doesn't know what they are doing?

        I love Linux, but the patchwork of "getting around" it's built in security
is a nightmare. TTYL

--
http://www.piclist.com hint: PICList Posts must start with ONE topic:
[PIC]:,[SX]:,[AVR]: ->uP ONLY! [EE]:,[OT]: ->Other [BUY]:,[AD]: ->Ads