[ale] Please Help

Geoffrey esoteric at 3times25.net
Thu Mar 28 22:03:58 EST 2002 

This issue just rang a bell in my pea brain.  I believe you're on the 
right track, and if you replace your system() call with a fork()/exec() 
it will work as you expect.

Tyler Kiley wrote:
> Actually, I'm pretty sure php chmod() doesn't (didn't?) set suid or sticky 
> bits.  But that's kinda getting sidetracked.....
> 
> I'd guess Ken's problem is in the c program:
> 
> int main(void)
> {
>     system("/usr/local/sbin/changewriter.pl");
> }
> 
> according to the 'system' manpage in rh 7.2, bash drops suid priveliges when 
> it is run.  Now... I'm still fairly new to linux, so correct me if I'm wrong, 
>  but wouldn't that mean that the setuid bit on the c program is essentially 
> useless?
> 
> Tyler
> 
> Jim Philips:
> 
>>Well, there is a function called chmod() that will do anything a UNIX
>>chmod will do. See shell_exec() and system() functions for executing
>>other shell functions within PHP.
>>
>>On Thu, 2002-03-28 at 15:36, Tyler Kiley wrote:
>>
>>>if php is compiled as an apache module, you're outta luck afaik.....
>>>there's nothing to chmod +s, and suexec doesn't work on mod_php (? never
>>>tried myself, but that's what I've heard).
>>>
>>>if you've compiled it as a standalone executable, you can always chmod +s
>>>/usr/local/bin/php, but then all your scripts run as that uid, which is
>>>typically not good. (anyone know if apache will even accept an
>>>interpreter that has the +s bit?)
>>>
>>>Suexec with standalone php is probably the best option.  That will allow
>>>you to designate a certain directory or virtualhost as setuid, while
>>>leaving all other php scripts alone.
>>>
>>>http://httpd.apache.org/docs/suexec.html
>>>http://www.php.net/manual/en/security.cgi-bin.php
>>>
>>>Tyler
>>>
>>>Ken Nagorski:
>>>
>>>>Please tell me someone knows how to do this. Here is the problem.
>>>>
>>>>I need to a script SUID form a website. It is a PHP script that calls a
>>>>wrapper program written in C and it is set 4755, The script is calls
>>>>just runs a system command, actually a courier command, the makealises
>>>>command. But I can't get this to work for the life of me. I know that
>>>>someone has had of written the script that simplifies system mamagment
>>>>and then needed to run a system command when it is finished but HOW?
>>>>
>>>>Uhg - Thanks
>>>>Ken
>>>>
>>>>
>>>>
>>>>
>>>>---
>>>>This message has been sent through the ALE general discussion list.
>>>>See http://www.ale.org/mailing-lists.shtml for more info. Problems
>>>>should be sent to listmaster at ale dot org.
>>>>
>>>---
>>>This message has been sent through the ALE general discussion list.
>>>See http://www.ale.org/mailing-lists.shtml for more info. Problems should
>>>be sent to listmaster at ale dot org.
>>>
>>---
>>This message has been sent through the ALE general discussion list.
>>See http://www.ale.org/mailing-lists.shtml for more info. Problems should
>>be sent to listmaster at ale dot org.
>>
> 
> ---
> This message has been sent through the ALE general discussion list.
> See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
> sent to listmaster at ale dot org.
> 
> 
> 


-- 
Until later: Geoffrey		esoteric at 3times25.net

I didn't have to buy my radio from a specific company to listen
to FM, why doesn't that apply to the Internet (anymore...)?


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.

More information about the Ale mailing list