Date: Fri, 29 Oct 2004 09:31:38 +0200 From: Frode Nordahl <frode@nordahl.net> To: "Eric W. Bates" <ericx_lists@vineyard.net> Cc: freebsd-isp@freebsd.org Subject: Re: Problems with rc.subr and suid script Message-ID: <91ADB2F2-297C-11D9-A7DA-000A95A9A574@nordahl.net> In-Reply-To: <41814DAA.80206@vineyard.net> References: <41814DAA.80206@vineyard.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Oct 28, 2004, at 21:51, Eric W. Bates wrote:
> I've written a CGI which is calling /usr/local/rc.d/squid.sh in an
> attempt to start/stop the proxy. Stopping works fine; however,
> whenever I try to start it I'm having permissions problems.
>
> It seems as tho rc.subr is using RUID instead of EUID.
>
> The CGI is written in perl.
Try to set the real uid then:
$< = $>;
or
$UID = $EUID;
or
$REAL_USER_ID = $EFFECTIVE_USER_ID;
(ref perlvar manpage)
shesh. Perl is crazy :-D
Also, suidperl is paranoid about environment etc, so make sure you set
up a safe $ENV{PATH} etc. And of course, try to run the script from
commandline as an unprivileged user and look for errors and warnings.
Mvh,
Frode
> Thanks.
>
> --
> Eric Bates
> _______________________________________________
> freebsd-isp@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-isp
> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?91ADB2F2-297C-11D9-A7DA-000A95A9A574>