[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Setuid scripts with Apache?

> >>following error in my error.log: Can't do setuid

are you running under suexec?  that is the only apache security mechanism i
am aware of which restricts suid scripts/binaries.  if you are there is no
way around this, disable suexec.

> >Why don't you system() that perl script without the suid bit via sudo?

icky.  you would have to configure the user that apache runs as to have
nopasswd permissions to sudo.  not a good thought.

> That's a thought, but will it work?  It looks like apache isn't letting
> me execute a setuid root program (suidperl) in the CGI.  Since sudo is
> setuid as well won't I have the same problem?

and this, unless it's not an apache restriction but a kernel restriction on
suid scripts.


Reply to: