Date: Wed, 13 May 1998 16:15:27 -0600 From: Scott Brown <skb@asgard.slcc.edu> To: Doug White <dwhite@resnet.uoregon.edu> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Running quota(1) with setuid Message-ID: <355A1B7F.70D4@asgard.slcc.edu> References: <Pine.BSF.3.96.980513144108.1690O-100000@gdi.uoregon.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Doug White wrote: > > On Sat, 5 Sep 1998, Scott Brown wrote: > > > I'm trying to run quota(1) as root (as part of a CGI script), but I'm > > not getting the results I want. I've done "chmod 4755 quota", which in > > theory should allow any user to look at any other user's quota info, but > > quota still gives me the "permission denied" error. What am I missing? > > Are you sure you're running the right quota binary? Try giving an > explicit path. Yes. I actually copied the quota binary to the cgi-bin directory, renaming it 'ckquota' -- mainly so that I could mess with it without breaking the original copy. The CGI interface is working correctly, as far as it goes. If I ask it for user "www"'s quotas, it'll show them to me (because I have Apache running in its own account, named "www"). If I ask for any other user's quotas, I get an empty document returned, and a line in my httpd-error.log like this: ckquota: skb (uid 1001): permission denied Which is quite in line with what the quota(1) man page says should happen. So adding the setuid bit to ckquota hasn't changed its behavior at all. Incidentally, ckquota is owned by "root:www". I'm lost. I thought I understood how setuid stuff worked, but I'm having doubts... -Scott To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?355A1B7F.70D4>