From owner-freebsd-questions  Thu May 31  0:21:16 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from xyzzy.intranet.snsonline.net (dhcp.looksmart.com.au [202.53.47.178])
	by hub.freebsd.org (Postfix) with ESMTP id 373D637B422
	for <questions@FreeBSD.ORG>; Thu, 31 May 2001 00:21:12 -0700 (PDT)
	(envelope-from msergeant@snsonline.net)
Received: from xyzzy.intranet.snsonline.net (localhost [127.0.0.1])
	by xyzzy.intranet.snsonline.net (8.11.3/8.11.3) with SMTP id f4V7K9V36772;
	Thu, 31 May 2001 17:20:14 +1000 (EST)
	(envelope-from msergeant@snsonline.net)
Message-Id: <200105310720.f4V7K9V36772@xyzzy.intranet.snsonline.net>
Content-Type: text/plain; charset="iso-8859-1"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit
MIME-Version: 1.0
From: "Mark Sergeant" <msergeant@snsonline.net>
To: "Dan Mahoney, System Admin" <danm@prime.gushi.org>,
	questions@FreeBSD.ORG
Subject: Re: Setuid Shell/Perl scripts
X-Mailer: Pronto v2.2.5 On freebsd/mysql
Date: 31 May 2001 02:20:07 EST
Reply-To: "Mark Sergeant" <msergeant@snsonline.net>
In-Reply-To: <Pine.BSF.4.21.0105310307320.70143-100000@prime.gushi.org>
References: <Pine.BSF.4.21.0105310307320.70143-100000@prime.gushi.org>
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

Why not configure sudo so you can run command as user (nobody whatever web serv
er runs as) without requiring a password.


On Thu, 31 May 2001 03:12:01 -0400 (EDT), Dan Mahoney, System Admin said:

:: I've noticed that recently FreeBSD made it so that setuid shell and perl
::  scripts no longer work, and while I can compile a wrapper for some of the
::  applications, I'd like to know if there's any way to turn this
::  "feature" back off.  I'm planning to upgrade my servers from 3.2-R to
::  4.3-R, and the systems are secure (no users have shell access, other than
::  admins), but a lot of the web scripting relies on setuid scripts (for
::  example, scripts that allow our users to modify our radius entries, or our
::  web-editor, or even our change-your-password-via-the-web interface).
::  
::  Thanks in Advance, please CC any messages regarding this to me, I'm not
::  subscribed.
::  
::  -Dan Mahoney
::  
::  --
::  
::  "Happy, Sad, Happy, Sad, Happy, Sad, Happy, Intruiged!  I've never been so
::  in touch with my emotions!"
::  
::  -AndrAIa as Hexadecimal, Reboot Episode 3.2.3
::  
::  --------Dan Mahoney--------
::  Techie,  Sysadmin,  WebGeek
::  Gushi on efnet/undernet IRC
::  ICQ: 13735144   AIM: LarpGM
::  Web: http://prime.gushi.org
::  finger danm@prime.gushi.org 
::  for pgp public key and tel#
::  ---------------------------
::  
::  
::  
::  To Unsubscribe: send mail to majordomo@FreeBSD.org
::  with "unsubscribe freebsd-questions" in the body of the message
::  
::  

-- 
Mark Sergeant
Unix Systems Administrator

Fortune follows...

I'm rated PG-34!!



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message