It's true, but on a secured intranet it shouldn't be so bad

When the PHB {pointy headed boss} says he needs it done today sometimes you
gotta make that call 

I don't like it any more than the next guy, but when it comes to providing a
solution sometimes it HAS to be done


This happened in the last company and we had to use suid, but we opted for
suidperl. Other than that I don't really remember much, as I was coding and my
teammate was handling the installs and config for suidperl

 

> -----Original Message-----
> From: Simon Dassow [mailto:[EMAIL PROTECTED] 
> Sent: September 21, 2004 6:49 AM
> To: Rajesh Pethe
> Cc: [EMAIL PROTECTED]
> Subject: Re: problem running suid scripts...
> 
> Rajesh Pethe wrote:
> > I'm new to mod_perl and am enjoying every bit of it, I have new
> > problem, I want to execute suid scripts from mod_perl i.e. the script
> > called from mod_perl should be executed as a privileged user and not
> > as default 'apache' user.
> > 
> 
> Hi Rajesh,
> first of all: avoid using suid.
> Second advice: don't use suid.
> If you want to execute (particular) actions as root use sudo instead.
> Works great and is much more secure. In addition to that you can
> configure almost everything you need... e.g. you can tell which user can
> call which program at a specified time.
> And that can be done without a password... or with password caching.
> I hope this is what you are searching for.
> 
> Additionally you don't need to run the calling application as root or 
> under mod_cgi.
> 
> I'm really wondering nobody else noticed this yet as suid is evil and 
> known for security concerns.
> 
> Kind regards,
> Simon
> 
> -- 
> Report problems: http://perl.apache.org/bugs/
> Mail list info: http://perl.apache.org/maillist/modperl.html
> List etiquette: http://perl.apache.org/maillist/email-etiquette.html
> 
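
Simon's sudo suggestion above, sketched as an added example that is not part of the original thread: a sudoers rule scoped to a single command (shown in the comments) and a Perl caller that invokes it without going through a shell. The helper path /usr/local/sbin/rotate-report, its report-id argument, the drop-in file name and the /usr/bin/sudo location are assumptions; only the 'apache' user comes from the thread.

```perl
use strict;
use warnings;

# Assumed sudoers drop-in, e.g. /etc/sudoers.d/webapp (hypothetical name),
# syntax-checked with `visudo -cf /etc/sudoers.d/webapp` before use:
#
#   # Too broad: the web server user may run anything as anyone.
#   # apache ALL=(ALL) NOPASSWD: ALL
#
#   # Scoped: one calling user, one target user, one absolute command path.
#   apache ALL=(root) NOPASSWD: /usr/local/sbin/rotate-report
#
# The helper should be owned by root and not writable by 'apache', and it
# must validate its own arguments, since this rule permits any arguments.

my $SUDO   = '/usr/bin/sudo';                   # assumed location
my $HELPER = '/usr/local/sbin/rotate-report';   # hypothetical helper

sub run_privileged {
    my ($report_id) = @_;

    # Accept only a short, strict token. The capture also untaints the
    # value when the interpreter runs in taint mode.
    my ($id) = ($report_id // '') =~ /\A([A-Za-z0-9_-]{1,32})\z/
        or die "invalid report id\n";

    # Give the child a fixed, minimal environment instead of the one
    # inherited from the web server process.
    local %ENV = (PATH => '/usr/bin:/bin');

    # List form of system(): no shell parses the command line, so the
    # argument cannot be reinterpreted as shell syntax.
    # -n makes sudo fail immediately instead of prompting for a password.
    my @cmd = ($SUDO, '-n', $HELPER, $id);
    system(@cmd) == 0
        or die sprintf("helper failed, exit status %d\n", $? >> 8);

    return 1;
}

# Stand-alone use: perl caller.pl <report-id>
run_privileged($ARGV[0]) if @ARGV;
```

With this layout the mod_perl process keeps running as 'apache'; only the one helper runs as root, and every invocation is recorded in sudo's log.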


