From owner-freebsd-security Fri Mar 28 20:50:43 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id UAA08221 for security-outgoing; Fri, 28 Mar 1997 20:50:43 -0800 (PST) Received: from agora.rdrop.com (root@agora.rdrop.com [199.2.210.241]) by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id UAA08216 for ; Fri, 28 Mar 1997 20:50:35 -0800 (PST) Received: from mailbox.nosc.mil by agora.rdrop.com with smtp (Smail3.1.29.1 #17) id m0wAq5y-0008v9C; Fri, 28 Mar 97 20:50 PST Received: from localhost (swann@localhost) by mailbox.nosc.mil (8.8.3/8.8.3) with SMTP id XAA18980 for ; Fri, 28 Mar 1997 23:39:02 -0500 (EST) X-Authentication-Warning: mailbox.nosc.mil: swann owned process doing -bs Date: Fri, 28 Mar 1997 23:39:01 -0500 (EST) From: Bryan Swann X-Sender: swann@mailbox To: freebsd-security@freebsd.org Subject: Re: SetUID & Apache in 2.2-RELEASE... In-Reply-To: <199703280618.AAA11018@main.gbdata.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Someone else originally setup a FBSD box that I now administer. It is running 2.1.5 FBSD and Apache 1.2b6. I was attempting to write a PERL suid CGI script as well. I found that the suid script would fail with NO error messages. I also found that a bourne shell suid script would not run either. I assume that suid scripts are not allowed in FBSD. If there is a way to allow suid scripts, please forward the information. BTW, I tried to get the PERL suid emulation working, but I would agree that this doesn't work yet. Although I didn't get any compile errors, the suid script still failed after I tried multiple times to compile the emulation into PERL. __________________________________________________________________________ | Bryan Swann (swann@nosc.mil) 803/974-4267 803/974-5080 (Fax) | | Eagan McAllister Associates, Inc. | | | | "Everything must be working perfectly, cause I don't smell any smoke" | -------------------------------------------------------------------------- On Fri, 28 Mar 1997, Gary Clark II wrote: > Cy Schubert wrote: > > > I used to have some setuids CGIs running with my 2.1.5 fbsdbox, and > > > them executed pretty well with Apache 1.1.1 & Perl 5.002. > > > > > > Now, I upgraded to 2.2-RELEASE, Apache 1.2b7 & Perl 5.003, and none of > > > the setuids cgis run (being executed by anybody but root). When I > > > remove from them the setuid flag, they can be executed (but I need to > > > execute them as setuids). Any Ideas? Thanx in advance... > > > > This is a Perl problem. I've encountered this with other Perl (5.003) > > scripts before, though I don't know what the solution is yet. > > > The problem is that the port does not setup perl to do suid scripts. You > have to enable this in the configure script. > > > > > Cy Schubert Fax: (250)387-5766 > > Gary > > -- > Gary Clark II (N5VMF) | I speak only for myself and "maybe" my company > gclarkii@GBData.COM | Member of the FreeBSD Doc Team > Providing Internet and ISP startups - http://WWW.GBData.com for information > FreeBSD FAQ at ftp://ftp.FreeBSD.ORG/pub/FreeBSD/docs/FAQ.latin1 >