setuid

[Ivan Kohler]

On Sat, Dec 12, 1998 at 06:14:36AM -0700, Jay wrote:
> 
> Hi all. I'm quite sure this is a common topic, but the archive did not
> provide a 'good' solution for this.
>
> I am getting the error about not executing the scripts setuid, and I have
> confirmed -- the CGI's are not running as the freeside user. However, my
> system (Slackware Linux 3.5, Kernel 2.0.35) should support secure setuid
> scripts.

I believe Linux 2.0.x ignores the suid bit on scripts.  Perl provides
setuid emulation - see the perlsec manpage for details.  On Debian, I
install a separate package `perl-suid' to enable this.  I would imagine
that Slackware has a similar package.  (With OS's that don't include Perl
you need to recompile it.) 

> I don't want to change all of the CGI's to run as 'nobody' (the Apache
> user) -- that just doesn't seem right. :) As well, I don't want to disable
> the setuid stuff in the kernel, because I have other setuid scripts that
> need to be run. 

Are you sure?  *scripts*, not ELF executables?  What language?

> Does anyone have any ideas/pointers for getting this to work (the way it
> is 'supposed' to)? Thanks. BTW -- Ivan, good job on the FreeSide system. I
> have seen it in action before, and played with the demo -- an all-around
> killer app. ...now if it will only work for me. :)

Thanks!

-- 
Ivan Kohler <ivan at sisd.com> - finger for PGP key - <moc.dsis at navi> relhoK navI
Open-source billing and administration for ISPs - http://www.sisd.com/freeside
20 4,16 * * * saytime # please don't be surprised if you find me dreaming too