On Fri, 2003-12-12 at 00:32, Stas Bekman wrote:
Can you please try this one:Answer is NOK
% perl -le ' \ my($uid, $gid) = (getpwnam("nobody"))[2..3]; \ $( = $) = $gid+0; \ die "failed to change gid to $gid (now: $(, $))" if $( != $gid; \ $< = $> = $uid+0; \ die "failed to change uid to $uid (now: $<, $>)" if $< != $uid; \ print -r q{/root} && -w _ && -x _ ? q{OK} : q{NOK};'
Perfect, so we finally have a working test (thanks to J�rg Walter for helping me on this one on irc). This is with and without /sbin/nologin for nobody, right?
Can you please also try this one:
perl -le ' \
use File::Spec::Functions qw(catfile); \
my($uid, $gid) = (getpwnam(qq[nobody]))[2..3]; \
$( = $) = $gid+0; \
die qq[failed to change gid to $gid] if $( != $gid; \
$< = $> = $uid+0; \
die qq[failed to change uid to $uid] if $< != $uid; \
my $dir = qq[/root]; \
my $file = catfile $dir, qq[.apache-test-file-$$-].time.int(rand); \
END { unlink $file }; \
# -w \
open TEST, qq[>$file] or die qq[failed to open $file: [EMAIL PROTECTED]; \
# -x \
-f $file or die qq[$file cannot be looked up]; \
close TEST; \
# -r \
opendir DIR, $dir or die qq[failed to open dir $dir: [EMAIL PROTECTED]; \
defined readdir DIR or die qq[failed to read dir $dir: [EMAIL PROTECTED]; \
close DIR; \
# all tests passed \
print q{OK}'it should fail...
Since perl's -x/-r/-w may report wrong things (e.g. broken POSIX::access or a lack of thereof), whereas this test tries to actually read/write and execute things, so it's the real test
__________________________________________________________________ Stas Bekman JAm_pH ------> Just Another mod_perl Hacker http://stason.org/ mod_perl Guide ---> http://perl.apache.org mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com http://modperlbook.org http://apache.org http://ticketmaster.com
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
