From owner-freebsd-security Thu Mar 27 21:11:21 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id VAA19812 for security-outgoing; Thu, 27 Mar 1997 21:11:21 -0800 (PST) Received: from cwsys.cwent.com (0@cschuber.net.gov.bc.ca [142.31.240.113]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id VAA19806; Thu, 27 Mar 1997 21:11:09 -0800 (PST) Received: (from uucp@localhost) by cwsys.cwent.com (8.8.5/8.6.10) id VAA00762; Thu, 27 Mar 1997 21:10:38 -0800 (PST) Message-Id: <199703280510.VAA00762@cwsys.cwent.com> Received: from localhost.cwent.com(127.0.0.1), claiming to be "cwsys" via SMTP by localhost.cwent.com, id smtpd000756; Fri Mar 28 05:10:31 1997 Reply-to: cschuber@uumail.gov.bc.ca X-Mailer: MH To: "Alejandro V\azquez C." cc: freebsd-bugs@freebsd.org, freebsd-security@freebsd.org, Carlos Mercado , cschuber@uumail.gov.bc.ca Subject: Re: SetUID & Apache in 2.2-RELEASE... In-reply-to: Your message of "Thu, 27 Mar 1997 21:07:06 CST." <333B35DA.2BF3@sui.gda.itesm.mx> Date: Thu, 27 Mar 1997 21:10:30 -0800 From: Cy Schubert Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > I used to have some setuids CGIs running with my 2.1.5 fbsdbox, and > them executed pretty well with Apache 1.1.1 & Perl 5.002. > > Now, I upgraded to 2.2-RELEASE, Apache 1.2b7 & Perl 5.003, and none of > the setuids cgis run (being executed by anybody but root). When I > remove from them the setuid flag, they can be executed (but I need to > execute them as setuids). Any Ideas? Thanx in advance... This is a Perl problem. I've encountered this with other Perl (5.003) scripts before, though I don't know what the solution is yet. Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 UNIX Support OV/VM: BCSC02(CSCHUBER) ITSD BITNET: CSCHUBER@BCSC02.BITNET Government of BC Internet: cschuber@uumail.gov.bc.ca cschuber@bcsc02.gov.bc.ca "Quit spooling around, JES do it."