From owner-freebsd-questions Thu Sep 5 13:56:13 1996
Return-Path: owner-questions
Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id NAA17796 for questions-outgoing; Thu, 5 Sep 1996 13:56:13 -0700 (PDT)
Received: from ime.net (ime.net [204.97.248.4]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id NAA17791 for ; Thu, 5 Sep 1996 13:56:10 -0700 (PDT)
Received: from kimiko.tcguy.net (buxton-1.ime.net [206.231.148.130]) by ime.net (8.7.4/8.6.12) with SMTP id QAA08473; Thu, 5 Sep 1996 16:56:05 -0400 (EDT)
Message-ID: <322F3E6E.2127@ime.net>
Date: Thu, 05 Sep 1996 16:56:14 -0400
From: Gary Chrysler
Reply-To: tcg@ime.net
Organization: The Computer Guy
X-Mailer: Mozilla 3.0b6 (Win95; I)
MIME-Version: 1.0
To: Dave Andersen
CC: freebsd-questions@freebsd.org
Subject: Re: suidperl from httpd not working
References: <199609051935.NAA00503@terra.aros.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-questions@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Dave Andersen wrote:
>
> Lo and behold, Gary Chrysler once said:
>
> > Ouch, That seems like a hole to me.. Course I really don't know!
>
> Nope. It's the right way to do it.
>
> > Also I'm thinking again.. :(
> > So if that was to be done wouldn't ya also want to set em back
> > after the script runs????
>
> > execv("my perl script", argv);
> > setuid(uid);
> > seteuid(euid);
>
> No. execv() replaces the currently executing program with whatever
> you exec() to. The second setuid and seteuid calls are never reached -
> or shouldn't be if there aren't any errors.
>
> You don't retain your setuidness after the program exits; the setuid
> call only affects the program and its children, not the parent process.
>

I see said the blind man as he picked up his hammer and saw!

Thanks Dave.
Take care!

-Enjoy
Gary
~~~~~~~~~~~~~~~~
Improve America's Knowledge... Share yours
The Borg... Where minds meet (207) 929-3848
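
The two points made in the quoted reply, as an added example that is not part of the original thread: code after execv() runs only when the exec fails, and a setuid() made in a child does not change the parent's ids. The helper names, the exit codes 7 and 42, uid 65534 and the nonexistent path are assumptions constructed for the demonstration; it expects a POSIX system with /bin/sh.

```c
/* Added example. Constructed values: exit codes 7 and 42, uid 65534
 * (conventionally "nobody"), and the nonexistent path. */
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define AFTER_EXEC 42 /* exit code used only if code after execv() runs */

static char *sh_exit7[] = { "sh", "-c", "exit 7", NULL };
static char *sh_exit0[] = { "sh", "-c", "exit 0", NULL };
static char *missing[]  = { "missing", NULL };

/* Fork; the child optionally calls setuid(), then execs path.
 * Returns the child's exit status, or -1 on fork/wait failure. */
static int run_child(const char *path, char *const argv[], int change_uid)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        /* As root this changes the child's ids; unprivileged it is a no-op. */
        uid_t target = (geteuid() == 0) ? 65534 : getuid();
        if (change_uid && setuid(target) != 0)
            perror("setuid (child)");
        execv(path, argv);
        _exit(AFTER_EXEC); /* reached only if execv() failed */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

/* exec succeeds: the status is the new program's (7), never AFTER_EXEC */
int exec_success_status(void) { return run_child("/bin/sh", sh_exit7, 0); }
/* exec fails: the process image is kept and the fall-through runs (42) */
int exec_failure_status(void) { return run_child("/nonexistent/constructed-path", missing, 0); }
/* 1 if a setuid() made in the child left the parent's ids alone */
int parent_ids_unchanged(void)
{
    uid_t uid = getuid(), euid = geteuid();
    return run_child("/bin/sh", sh_exit0, 1) != -1 && getuid() == uid && geteuid() == euid;
}

int main(void)
{
    printf("exec ok=%d exec failed=%d parent unchanged=%d\n",
           exec_success_status(), exec_failure_status(), parent_ids_unchanged());
    return 0;
}
```

In a wrapper that changes ids before exec, the fall-through after execv() should exit immediately as it does here, so a failed exec never continues running with the altered ids.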