Date: Thu, 14 Nov 2002 10:02:04 -0500
From: Anthony Schneider
To: Eric Anderson
Cc: Kirk Bailey, "security@FreeBSD.ORG"
Subject: Re: list scripts, permissions, and ownerships.
Message-ID: <20021114150204.GA20990@x-anthony.com>
References: <3DD33DA6.55DB03A@netzero.net> <3DD3A5E7.8020908@centtech.com>
In-Reply-To: <3DD3A5E7.8020908@centtech.com>

suexec executes cgi scripts as the owning user. the idea (very briefly) is to get around mutual "nobody" ownership of files and such.

as for the original question, from "scripts" there are many ways to get your uid.

system commands: whoami, id
bash/zsh: echo $UID
csh/tcsh (not so certain about csh...): echo $uid
perl: print $< . "\n";

i'm sure that python, tcl, ruby and others have methods along the lines of a getuid() call. i believe in python you can import OS and getuid().
something to keep in consideration is the existence of the effective uid, which can generally be reached by similar methods, like geteuid(), or echo $EUID.

-Anthony.

On Thu, Nov 14, 2002 at 07:32:23AM -0600, Eric Anderson wrote:
> Kirk Bailey wrote:
> >oops. I quote:
> >
> > 7.Is the target user NOT superuser?
> >
> > Presently, suEXEC does not allow 'root' to execute CGI/SSI
> > programs.
> >
> >Alas, the file appears to be owned by root. Now what?
>
> I'm assuming by "owned by root" you mean setuid bit is on and the
> ownership is root? Just making a file owned by root doesn't make it run
> as root. If you DID have the setuid bit on, and it IS root owned, you
> are in dangerous waters. It's not really a great idea to have suid root
> programs running from a web site - all it takes is for you to miss one
> thing and the "evil hacker" has root access on your box, instead of just
> access as "nobody".
>
> The nobody user should be able to read the aliases file just fine with
> no extra permissions.
>
> Eric
>
> --
> ------------------------------------------------------------------
> Eric Anderson Systems Administrator Centaur Technology
> Beware the fury of a patient man.
> ------------------------------------------------------------------
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
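
The two distinctions made in this thread (real versus effective uid, and root ownership versus the setuid bit) as an added example that is not part of the original messages. The function names and the uid 65534 for "nobody" are assumptions made for illustration, and the mode/owner cases are constructed.

```python
import os
import stat
import tempfile

NOBODY = 65534  # assumed uid of the web server's "nobody" account (constructed)

def identity():
    """Real and effective uid of the current process."""
    return {"uid": os.getuid(), "euid": os.geteuid()}

def euid_when_run(mode, owner_uid, caller_uid):
    """Effective uid a program gets when caller_uid executes it."""
    if mode & stat.S_ISUID:
        return owner_uid   # setuid bit: euid becomes the file's owner
    return caller_uid      # ownership alone does not change who it runs as

def audit(path, caller_uid=NOBODY):
    """Return (euid, verdict) for a CGI program started by caller_uid."""
    st = os.stat(path)
    setuid = bool(st.st_mode & stat.S_ISUID)
    euid = euid_when_run(st.st_mode, st.st_uid, caller_uid)
    if setuid and euid == 0:
        return euid, "setuid root: runs with root privileges"
    if setuid:
        return euid, "setuid: runs as the file's owner"
    return euid, "runs as the caller"

if __name__ == "__main__":
    print("this process:", identity())
    # Constructed cases: (label, mode, owner uid)
    for label, mode, owner in [
        ("root-owned, no setuid", 0o100755, 0),
        ("root-owned, setuid", 0o104755, 0),
    ]:
        print(label, "-> euid", euid_when_run(mode, owner, NOBODY))
    # Same check against a real file created for the demonstration.
    with tempfile.NamedTemporaryFile() as f:
        os.chmod(f.name, 0o4755)
        print(f.name, "->", audit(f.name))
```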