From owner-freebsd-isp@FreeBSD.ORG  Fri Oct 29 04:00:10 2004
Return-Path: <owner-freebsd-isp@FreeBSD.ORG>
Delivered-To: freebsd-isp@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5BFD316A4CE
	for <freebsd-isp@freebsd.org>; Fri, 29 Oct 2004 04:00:10 +0000 (GMT)
Received: from pi.codefab.com (pi.codefab.com [199.103.21.227])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 0F35143D39
	for <freebsd-isp@freebsd.org>; Fri, 29 Oct 2004 04:00:10 +0000 (GMT)
	(envelope-from cswiger@mac.com)
Received: from [192.168.1.3] (pool-68-160-246-51.ny325.east.verizon.net
	[68.160.246.51])
	by pi.codefab.com (8.12.11/8.12.11) with ESMTP id i9T403X4083719
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Fri, 29 Oct 2004 00:00:06 -0400 (EDT)
Message-ID: <4181C040.3090606@mac.com>
Date: Fri, 29 Oct 2004 00:00:00 -0400
From: Chuck Swiger <cswiger@mac.com>
Organization: The Courts of Chaos
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
	rv:1.7.3) Gecko/20040910
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: "Eric W. Bates" <ericx_lists@vineyard.net>
References: <41814DAA.80206@vineyard.net>
In-Reply-To: <41814DAA.80206@vineyard.net>
X-Enigmail-Version: 0.86.1.0
X-Enigmail-Supports: pgp-inline, pgp-mime
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, hits=-3.7 required=5.5 tests=AWL,BAYES_00 autolearn=ham 
	version=2.64
X-Spam-Checker-Version: SpamAssassin 2.64 (2004-01-11) on pi.codefab.com
cc: freebsd-isp@freebsd.org
Subject: Re: Problems with rc.subr and suid script
X-BeenThere: freebsd-isp@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Internet Services Providers <freebsd-isp.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-isp>,
	<mailto:freebsd-isp-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-isp>
List-Post: <mailto:freebsd-isp@freebsd.org>
List-Help: <mailto:freebsd-isp-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-isp>,
	<mailto:freebsd-isp-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Oct 2004 04:00:10 -0000

Eric W. Bates wrote:
> I've written a CGI which is calling /usr/local/rc.d/squid.sh in an 
> attempt to start/stop the proxy.  Stopping works fine; however, whenever 
> I try to start it I'm having permissions problems.
> 
> It seems as tho rc.subr is using RUID instead of EUID.
> 
> The CGI is written in perl.

Perl may be disregarding the setuid bit of the script in order to avoid the 
security risks.  Consider changing your script to work via sudo.

-- 
-Chuck