Date: Thu, 14 Nov 2002 01:07:34 -0500 From: Kirk Bailey <idiot1@netzero.net> To: "security@FreeBSD.ORG" <security@FreeBSD.ORG> Subject: Re: list scripts, permissions, and ownerships. Message-ID: <3DD33DA6.55DB03A@netzero.net> References: <Pine.LNX.4.44.0211140848220.9334-100000@serendipity.ksemat.co.ug>
next in thread | previous in thread | raw e-mail | index | archive | help
oops. I quote:
7.Is the target user NOT superuser?
Presently, suEXEC does not allow 'root' to execute CGI/SSI
programs.
Alas, the file appears to be owned by root. Now what?
Noah K Sematimba wrote:
>
> I think that perhaps you need to read about apache's suEXEC mechanism:
>
> http://httpd.apache.org/docs/suexec.html
>
> cheers,
>
> Sematimba Noah Kevin
> Systems Administrator
> Africa Online Uganda Limited
> Commercial Plaza Kampala Road
> e-mail: ksemat@africaonline.co.ug
> WEB: http://www.africaonline.co.ug
> TEL: +256(41)258143
> FAX: +256(41)258144
>
> On Wed, 13 Nov 2002, Kirk Bailey wrote:
>
> > I have a problem. I am writing a script to create lists, and another to destroy
> > them- that is, MAIL lists, such as mailman, majordomo, and mojomail and tinylist
> > all work with. (I write TinyList.)
> >
> > The aliases file must have certain permissions, and it appears to be 644 in my
> > freebsd box- hope that's correct, but it works fine. And the ownership is root,
> > and that works fine.
> >
> > well, apache in the box is nobody:wheel and runs scripts as such. I have the
> > scripts owned nobody:wheel also. They run, but it cannot access the aliases
> > file-permissions/ownerships. OK, changed the relevant scripts' ownerships to
> > root (gasp!) and tried to run things that way. still no luck. Scripts apparently
> > are running as nobody, even though owned by root.
> >
> > OK, a few questions.
> >
> > First, how to I get a script to discover what identity it is running as?
> >
> > Second, how can I insure it runs as a particular identity(so as to be compatable
> > with the email system), when run by the web server?
> >
> > third, what are the correct ownerships and permissions for /etc/mail and for
> > aliases? Just want to make sure I have things right.
> >
> >
> >
> >
> > --
> >
> > end
> >
> > Respectfully,
> > Kirk D Bailey
> >
> >
> > +---------------------"Thou Art Free." -Eris-----------------------+
> > | http://www.howlermonkey.net mailto:highprimate@howlermonkey.net |
> > | KILL spam dead! http://www.scambusters.org/stopspam/#Pledge |
> > | http://www.tinylist.org +--------+ mailto:grumpy@tinylist.org |
> > +------------------Thinking| NORMAL |Thinking----------------------+
> > +--------+
> > ---------------------------------------------
> > Introducing NetZero Long Distance
> > 1st month Free!
> > Sign up today at: www.netzerolongdistance.com
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-security" in the body of the message
> >
--
end
Respectfully,
Kirk D Bailey
+---------------------"Thou Art Free." -Eris-----------------------+
| http://www.howlermonkey.net mailto:highprimate@howlermonkey.net |
| KILL spam dead! http://www.scambusters.org/stopspam/#Pledge |
| http://www.tinylist.org +--------+ mailto:grumpy@tinylist.org |
+------------------Thinking| NORMAL |Thinking----------------------+
+--------+
---------------------------------------------
Introducing NetZero Long Distance
1st month Free!
Sign up today at: www.netzerolongdistance.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3DD33DA6.55DB03A>