Re: trouble writing a setuid script
- From: Grant <g_r_a_n_t_@xxxxxxxxxxx>
- Date: Sun, 31 Aug 2008 01:23:50 +1000
On Sat, 30 Aug 2008 05:58:30 -0700 (PDT), Peter Michaux <petermichaux@xxxxxxxxx> wrote:
On Aug 30, 1:20 am, magloca <magl...@xxxxxxxxxxxxxx> wrote:
Peter Michaux @ Saturday 30 August 2008 09:07:
Hi,
I'm trying to write a setuid script and can't make it happen. I've[code snipped]
trimmed it down to the very simple example below trying to have a
logger.pl script add a message to a log file. This is my Bash
transcript with all the pertinent details.
(I don't run into any errors when writing the same program in C.)
Yeah, I tried to do something like that once, too. Turned out the setuid
flag is ignored on scripts; it's only allowed on (binary) executables.
So that's also why your compiled C program works.
It seems it must be possible to write a setuid script because there is
a lot of fuss about it in "perldoc perlsec" which is also part of the
camel book.
Just add a C wrapper to call the script, something like:
#!/bin/bash
set -x
rm -f $1.c
rm -f ../$1.cgi
rm -f $1.cgi
echo "main () {
execl (\"$PWD/$1\", \"$1\", (char *)0 );
printf(\"Content-type: text/plain\\n\\n\");
printf(\"$1.cgi: fatal - failed to start $1, wait, then refresh.\\n\");
}
" > $1.c
gcc $1.c -o $1.cgi
strip -s $1.cgi
chmod 04555 $1.cgi
mv $1.cgi ../
rm -f $1.c
Grant.
--
http://bugsplatter.id.au/
.
- References:
- trouble writing a setuid script
- From: Peter Michaux
- Re: trouble writing a setuid script
- From: magloca
- Re: trouble writing a setuid script
- From: Peter Michaux
- trouble writing a setuid script
- Prev by Date: Re: question about data structures - what does $# mean?
- Next by Date: Re: trouble writing a setuid script
- Previous by thread: Re: trouble writing a setuid script
- Next by thread: Re: trouble writing a setuid script
- Index(es):
Relevant Pages
|
