Date: Mon, 26 Jun 2000 09:40:16 -0700 From: Doug Barton <DougB@gorean.org> To: Leif Neland <leifn@neland.dk> Cc: InvictaNet Customer Support <support@invicta.net>, Freebsd-ISP <freebsd-isp@FreeBSD.ORG> Subject: Re: DNS Message-ID: <39578770.D379B114@gorean.org> References: <Pine.BSF.4.05.10006261039220.1324-100000@arnold.neland.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
Leif Neland wrote:
>
> On Mon, 26 Jun 2000, InvictaNet Customer Support wrote:
>
> > Hi
> >
> > However, we can't get the script to run as root (on FreeBSD 3.x). I have
> > tried suid on its own and by using a c wrapper as explained in the perl
> > docs. Neither works.
>
> Don't run as root then.
> Run, and let the files be owned by another user. Perhaps even run named in
> a sandbox.
Another possible solution is sudo. Install it from the ports and add
your CGI user with the ability to run certain commands without a
password. I would recommend that you create a script that only does 'ndc
reload' instead of giving the CGI user total access to ndc... just in
case.
Good luck,
Doug
--
"Live free or die"
- State motto of my ancestral homeland, New Hampshire
Do YOU Yahoo!?
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?39578770.D379B114>