Is there anyway to login as root and perform a few privileged actions from within a CGI program? I want to be able overwrite a file owned by root, as well as perform other "root only" tasks, from within my CGI program.
We use C++ for CGI programming, so the approach would also have to use C or C++. TIA. From, Carlos Yu CYWare ----- Original Message ----- From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, November 26, 2001 10:39 AM Subject: plug digest, Vol 1 #1075 - 14 msgs > Send plug mailing list submissions to > [EMAIL PROTECTED] > > To subscribe or unsubscribe via the World Wide Web, visit > http://lists.q-linux.com/mailman/listinfo/plug > or, via email, send a message with subject or body 'help' to > [EMAIL PROTECTED] > > You can reach the person managing the list at > [EMAIL PROTECTED] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of plug digest..." > > > Today's Topics: > > 1. Re: Re: [ph-infosec] Idea on one-time FTP passwords (Juan Miguel Cacho) > 2. Re: Router Load (vince cagud) > 3. Re: Redhat 7.2-SGI-XFS WAS [ADVERTISEMENT] (RGTorres) > 4. Re: Re: [ph-infosec] Idea on one-time FTP passwords (likot) > 5. Re: Re: [ph-infosec] Idea on one-time FTP passwords (likot) > 6. Re: Linux for Dreamcast Sega WAS Redhat 7.2-SGI-XFS (RGTorres) > 7. RE: Router Load ([EMAIL PROTECTED]) > 8. Re: Open-source to every school! (=?iso-8859-1?Q?=A4=F2=BCy=BA=D5?=) > 9. Let us all support Jared! (thad lozada) > 10. I need some help! ([EMAIL PROTECTED]) > 11. Re: Re: [ph-infosec] Idea on one-time FTP passwords (Paolo Carballo) > 12. Re: [ADVERTISEMENT] Available Open Source CDs (Federico Sevilla III) > 13. Re: I need some help! (louie miranda) > 14. Re: Re: Course management system (Sacha Chua) > > --__--__-- > > Message: 1 > Date: Mon, 26 Nov 2001 00:00:37 +0800 > From: Juan Miguel Cacho <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: [plug] Re: [ph-infosec] Idea on one-time FTP passwords > Organization: Bombastar-myDSL > Reply-To: [EMAIL PROTECTED] > > En Sun, Nov 25, 2001 at 11:12:18PM +0800, Migs Paraz escribio: > > #_ > Unless someone wants to develop a free or gpl sftp client for > #_ > windows using gpl, gnu, openssl tools and libraries. > #_ > #_ > #_ I don't think it's possible to write a Windows app without using > #_ commercial software. > #_ > #_ Prove me wrong :) > > Can you have a linux console in Windows using vnc? Might have to bring > the mountain to Mohamed. ;-> > > -- > Juan Miguel Cacho [EMAIL PROTECTED] > Para�aque City, Philippines > GnuPG Public Key Key ID 7B071F7F > http://www.philonline.com/~chocovim/pancitmolo.pgp > Drive safely. 90% of people are caused by accidents. > > --__--__-- > > Message: 2 > Date: Mon, 26 Nov 2001 00:35:36 +0800 > From: vince cagud <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: [plug] Router Load > Reply-To: [EMAIL PROTECTED] > > > i disagree on this disagree. two heads are better than one, as long as > the OS supports smp...one cpu could do something for an OS process while > another runs an application or the like. anyway, one usually adds > another cpu not for redundancy. geez, how many of you use smp because > you want a backup cpu? we do smp because we want the added processing > power...at the risk of another cpu failing. but hey, what's the > statistic of a failed cpu on a multi-processor machine? i think it's > easier for a hard disk to fail than a processor...well, maybe the > processor fan. but that's what the cpu fan monitor is for. > > on the example of P3-800 vs dual p2/c-400, of course you'd have reason > to doubt the dualie. the p3 would most probably be sitting on a newer > motherboard with a newer chipset with higher memory bus bandwidth than > those p2s, which are probably using a two to almost three years old > mobo. still, i'm not too sure...i bet the dual given a good smp os could > still give the p3 a run for its money. > > -v > > Ian C. Sison wrote: > > >On Sun, 25 Nov 2001, Emmanuel Teodosio Jr. wrote: > > > >>xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > >>Duallies are best for servers...i think...that woul normally run > >>24/7...But I suppose that kind of magnitude would not suite for 1 pc > >>only..maybe 2 perhaps...BTW Two heads are better than one..(especially > >>if it supports SMP) :) > >>xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > >> > > > > > >I disagree. I'd go for a Pentium III-800 over a dual > >Pentium-2/Celeron-400 anytime. Linux does support SMP, but does not > >support hot-plugging.hot disabling of CPUs. if one cpu goes down, the > >entire system goes down. Which means, there is a 100% more chance a > >system will go down due to CPU failure in a dual CPU config than a single > >CPU config. > > > >two heads does not necessarily mean it is better than one. There is > >processing overhead with regards to maintaining the integrity of an SMP > >system which just does not exist in uniprocessor systems. > > > >If you want true multiprocessing, use 2 servers \8) > > > > > >>[EMAIL PROTECTED] wrote: > >> > >>>Separate the mail services -- mail services tend to me I/O intensive once > >>>you have many accounts on the box (you don't want user accounts on your > >>>router/firewall). > >>> > >>>-----Original Message----- > >>>From: Stephen Paul E Florentino [mailto:[EMAIL PROTECTED]] > >>>Sent: Saturday, November 24, 2001 3:18 PM > >>>To: [EMAIL PROTECTED] > >>>Subject: [plug] Router Load > >>> > >>>Hello all, > >>> > >>>I would like to know if a single Linux box running primarily as a > >>>router/firewall/mail server would suffice for 100-200 hosts. We want > >>>to isolate the network physically from a larger network and just > >>>masquerade the 100-200 hosts through this one Linux box. > >>> > >>>We are also hoping to add web, ftp, etc functionality if the load > >>>would not be that "high" on our box. > >>> > >>>We are planning to use MDK 8.1 on: > >>> > >>>single Athlon 1.6 GHz > >>>256 RAM (more if required) > >>>2 NICs (more if required) > >>>HD space is not a problem > >>> > >>>or would a Dual Pentium III 500 be better? > >>> > >>>Any suggestions? > >>> > >>>TIA > >>> > >>>-$tp > >>> > >>> > >>> > >>>__________________________________ > >>>www.edsamail.com > >>>_ > >>>Philippine Linux Users Group. Web site and archives at > >>>http://plug.linux.org.ph > >>>To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] > >>> > >>>To subscribe to the Linux Newbies' List: send "subscribe" in the body to > >>>[EMAIL PROTECTED] > >>>_ > >>>Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph > >>>To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] > >>> > >>>To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED] > >>> > >>> > >>__________________________________ > >>www.edsamail.com > >>_ > >>Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph > >>To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] > >> > >>To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED] > >> > > > >_ > >Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph > >To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] > > > >To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED] > > > > > > > --__--__-- > > Message: 3 > Date: Sun, 25 Nov 2001 09:14:33 -0800 (PST) > From: RGTorres <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: [plug] Re: Redhat 7.2-SGI-XFS WAS [ADVERTISEMENT] > Reply-To: [EMAIL PROTECTED] > > --- "Gideon N. Guillen" <[EMAIL PROTECTED]> wrote: > > > hmm... Calling Linux distro CD sellers around here, > > how about having the > > Linux for the Dreamcast? ;) hehehe. BTW, anybody > > wanna sell Red Hat 7.2 XFS > > enabled. I don't have broadband. > ---------------------------------------------------- > RH7.2-SGI-XFS-1.0.2a.iso CD, which contains a modified > XFS-aware version of the Red Hat anaconda installer > will be available soon. > > This CD contains only RPMS which support the XFS file > system - all other RPMs are retrieved from the > original Red Hat Linux 7.2 CD-ROMs. Official Red Hat > 7.2 CDs are needed to complete the installation. > > What's Linux for Dreamcast...is there such an ISO CD? > > Rene > [EMAIL PROTECTED] > > > __________________________________________________ > Do You Yahoo!? > Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month. > http://geocities.yahoo.com/ps/info1 > > --__--__-- > > Message: 4 > Date: Sun, 25 Nov 2001 10:06:23 -0800 (PST) > From: likot <[EMAIL PROTECTED]> > Subject: Re: [plug] Re: [ph-infosec] Idea on one-time FTP passwords > To: [EMAIL PROTECTED] > Reply-To: [EMAIL PROTECTED] > > > --- Juan Miguel Cacho <[EMAIL PROTECTED]> wrote: > > En Sun, Nov 25, 2001 at 11:12:18PM +0800, Migs Paraz > > escribio: > > > > #_ > Unless someone wants to develop a free or gpl > > sftp client for > > #_ > windows using gpl, gnu, openssl tools and > > libraries. > > #_ > > #_ > > #_ I don't think it's possible to write a Windows > > app without using > > #_ commercial software. > > #_ > > #_ Prove me wrong :) > > > > Can you have a linux console in Windows using vnc? > > Might have to bring > > the mountain to Mohamed. ;-> > > > > -- > > no need for vnc get cygwin > > you can even run kde 2.2.1 in windows using cygwin > > -Dek > [EMAIL PROTECTED] > > > > > __________________________________________________ > Do You Yahoo!? > Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month. > http://geocities.yahoo.com/ps/info1 > > --__--__-- > > Message: 5 > Date: Sun, 25 Nov 2001 10:09:11 -0800 (PST) > From: likot <[EMAIL PROTECTED]> > Subject: Re: [plug] Re: [ph-infosec] Idea on one-time FTP passwords > To: [EMAIL PROTECTED] > Reply-To: [EMAIL PROTECTED] > > > --- Migs Paraz <[EMAIL PROTECTED]> wrote: > > On Sun, Nov 25, 2001 at 06:46:40AM -0800, likot > > wrote: > > > i'll still go with sftp .. there are several ftp > > > clients for windows that supports this now > > > including cute ftp pro .. > > > > > > in fact, CuteFTP Pro is the only one i've seen! > > what are the others? those that the Windows user > > does not have to pay for. > > > > http://www.freessh.org/windows.html > try this link > > -Dek > [EMAIL PROTECTED] > > > > _ > > Philippine Linux Users Group. Web site and archives > > at http://plug.linux.org.ph > > To leave: send "unsubscribe" in the body to > > [EMAIL PROTECTED] > > > > To subscribe to the Linux Newbies' List: send > > "subscribe" in the body to > [EMAIL PROTECTED] > > > __________________________________________________ > Do You Yahoo!? > Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month. > http://geocities.yahoo.com/ps/info1 > > --__--__-- > > Message: 6 > Date: Sun, 25 Nov 2001 10:15:09 -0800 (PST) > From: RGTorres <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: [plug] Re: Linux for Dreamcast Sega WAS Redhat 7.2-SGI-XFS > Reply-To: [EMAIL PROTECTED] > > > --- "Gideon N. Guillen" <[EMAIL PROTECTED]> > > wrote: > > > > > hmm... Calling Linux distro CD sellers around > > here, > > > how about having the > > > Linux for the Dreamcast? ;) hehehe. BTW, anybody > ------------------------------------------------ > Ahh, Linux for Sega Dreamcast. Have you read > Marcus Comstedt's complicated instructions on how > to make a bootable Linux CD on a Dreamcast Sega? > Not worth it. :) > > Rene > [EMAIL PROTECTED] > > __________________________________________________ > Do You Yahoo!? > Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month. > http://geocities.yahoo.com/ps/info1 > > --__--__-- > > Message: 7 > From: [EMAIL PROTECTED] > To: [EMAIL PROTECTED] > Subject: RE: [plug] Router Load > Date: Mon, 26 Nov 2001 02:43:00 +0800 > Reply-To: [EMAIL PROTECTED] > > Why would you need dual processor on a firewall/router? I've heard people > using Linux as firewall/router on Pentium 133 or Pentium Pro machines. > Routing doesn't really need that much processing power (unless you have a > very large routing table). > > -----Original Message----- > From: vince cagud [mailto:[EMAIL PROTECTED]] > Sent: Monday, November 26, 2001 12:36 AM > To: [EMAIL PROTECTED] > Subject: Re: [plug] Router Load > > > i disagree on this disagree. two heads are better than one, as long as > the OS supports smp...one cpu could do something for an OS process while > another runs an application or the like. anyway, one usually adds > another cpu not for redundancy. geez, how many of you use smp because > you want a backup cpu? we do smp because we want the added processing > power...at the risk of another cpu failing. but hey, what's the > statistic of a failed cpu on a multi-processor machine? i think it's > easier for a hard disk to fail than a processor...well, maybe the > processor fan. but that's what the cpu fan monitor is for. > > [ snipped ] > > --__--__-- > > Message: 8 > Date: Mon, 26 Nov 2001 03:44:18 +0800 > To: [EMAIL PROTECTED] > From: =?iso-8859-1?Q?=A4=F2=BCy=BA=D5?= <[EMAIL PROTECTED]> > Subject: Re: [plug] Open-source to every school! > Cc: [EMAIL PROTECTED], > "Arlan R Tiu" <[EMAIL PROTECTED]> > Reply-To: [EMAIL PROTECTED] > > This is my first message in Plug. > > 1. We are asking help from Manila Plugers to set up and teach Linux. > > 2. China Trust Bank(Taiwan) will donate 100 plus second hand computers for > St. Peter the Apostle School in the near future. > > 3. These computers equipped with Pentium 166, 2.5G HD, 16M RAM, no CD. > > 4. Red Hat 7.2 is installed. > > Please contact "Arlan R Tiu" <[EMAIL PROTECTED]> for more information. > > At 10:31 AM 2001/11/22 +0800, you wrote: > >"In the wake of Microsoft's announced settlement proposal with more than 100 > >private antitrust plaintiffs, the Linux software provider Tuesday announced > >plans to offer its open-source software to every school district in the U.S. > >free of charge. " > > > > > >from > >Red Hat Counters Microsoft's Education Offer > >http://www.eweek.com/article/0,3658,s%253D700%2526a%253D18847,00.asp > > > >is there a project similar to this here in the Philippines? will PLUG or > >any open-source company take the challenge as well? > > > > > >eric t. > > Anthony Mao, Associate Professor > [EMAIL PROTECTED] > Dept. of Library and Information Science > Fu-Jen Catholic Unviersity > Taipei > Taiwan > > > --__--__-- > > Message: 9 > Date: Sun, 25 Nov 2001 17:59:25 +0800 > From: thad lozada <[EMAIL PROTECTED]> > To: Ph-Linux-Newbie <[EMAIL PROTECTED]>, > Phil Linux Use Group (PLUG) <[EMAIL PROTECTED]>, > PLUG MISC <[EMAIL PROTECTED]>, > plug-org <[EMAIL PROTECTED]> > Subject: [plug] Let us all support Jared! > Reply-To: [EMAIL PROTECTED] > > (sorry for cross plugging!) > > peace :) > > Lets vote for a fellow Pinoy project to receive funding. > > http://www.linuxfund.org/ > > Skimmer V.1 > A Peer-to-Peer B2B Collaborative Application > by Jared Odulio > > *^*^*^*^* > ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > + Thad Lozada + > + [EMAIL PROTECTED] + > + [EMAIL PROTECTED] + > + [EMAIL PROTECTED] + > + [EMAIL PROTECTED] + > + =====================================================+ > + "Nobody knows what's going to happen to everybody + > + except the forlorn rag of growing old."-Jack Kerouac+ > ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > > --__--__-- > > Message: 10 > Date: Mon, 26 Nov 2001 09:03:11 +0800 (PHT) > From: <[EMAIL PROTECTED]> > To: Phil Linux Use Group <[EMAIL PROTECTED]> > Subject: [plug] I need some help! > Reply-To: [EMAIL PROTECTED] > > > Good day to all Gurus! > > Im just checking my server after a 2 day vacation from work. > I found a file in my root dir "tcp.log". Surprisingly when I viewed the > file it contains all the recent logs of all my users and all their > passwords. My servers has been cracked 2 times already this year after we > changed ISP. I dont know if this has to do with our network structure or > my servers are not that secured. > > I need some help regarding this. If some of you would like to propose > a good server/network security or any method, please let me know. > > My number is 721-24-74 Look for John Paul > > Thank you > > > > > > > > > > --__--__-- > > Message: 11 > Date: Mon, 26 Nov 2001 09:29:08 +0800 > From: Paolo Carballo <[EMAIL PROTECTED]> > Organization: SWIFTEL Datacom Limited > To: [EMAIL PROTECTED] > Subject: Re: [plug] Re: [ph-infosec] Idea on one-time FTP passwords > Reply-To: [EMAIL PROTECTED] > > Migs Paraz wrote: > > > > I don't think it's possible to write a Windows app without using commercial > > software. > > > > Prove me wrong :) > > > How about the winblows versions of Bochs and Abiword? > I would imagine using cygwin for this. > I may be wrong though.... > > -- > > Juan Paolo Carballo > > SWIFTEL Datacom Limited > POT: (852) 2388-1168/1053/1476 or 2625-1688 loc 128 FAX: (852) 2625-1501 > 5/F Ming Tak Bldg., 101 Wanchai Rd., Wanchai, Hong Kong, SAR, China 852 > > --__--__-- > > Message: 12 > Date: Mon, 26 Nov 2001 09:25:57 +0800 (PHT) > From: Federico Sevilla III <[EMAIL PROTECTED]> > To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> > Subject: Re: [plug] [ADVERTISEMENT] Available Open Source CDs > Reply-To: [EMAIL PROTECTED] > > On Sun, 25 Nov 2001 at 20:38, Gideon N. Guillen wrote: > > hmm... Calling Linux distro CD sellers around here, how about having the > > Linux for the Dreamcast? ;) hehehe. > > If you can point me to where I can get the ISO, I'll grab it. :) > > > BTW, anybody wanna sell Red Hat 7.2 XFS enabled. > > SGI has its own installer. I'll have to check later if I synced up to > their ISO for RedHat 7.2. If I haven't I'll go grab it today. :) > > --> Jijo > > -- > Federico Sevilla III :: [EMAIL PROTECTED] > Network Administrator :: The Leather Collection, Inc. > GnuPG Key: <http://jijo.leathercollection.ph/jijo.gpg> > > > --__--__-- > > Message: 13 > From: "louie miranda" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Subject: Re: [plug] I need some help! > Date: Mon, 26 Nov 2001 10:10:26 +0800 > Reply-To: [EMAIL PROTECTED] > > use tcpserver (http://cr.yp.to/ucspi-tcp.html) > use ipchains or iptables, put firewalls. > check your running daemons for vulnerable > versions change it. close unused ports, use > alpha numeric/long passwords and after that smile :) hehe. > > btw: > use secure connection.. like ssh (openssh.org, etc.), ssl.. etc.. > > tcp.log, your hacker did run a sniffer on your > machine, better change all your passwords fast. > > > > > > > > > > > > > > > > ty. > > louie miranda (axishift.ath.cx) > ------------------------------------------ > Security Is A Series Of Well-Defined Steps > > chmod -R 0 / ; and smile :) > > > > > > > ----- Original Message ----- > From: <[EMAIL PROTECTED]> > To: "Phil Linux Use Group" <[EMAIL PROTECTED]> > Sent: Monday, November 26, 2001 9:03 AM > Subject: [plug] I need some help! > > > > > > Good day to all Gurus! > > > > Im just checking my server after a 2 day vacation from work. > > I found a file in my root dir "tcp.log". Surprisingly when I viewed the > > file it contains all the recent logs of all my users and all their > > passwords. My servers has been cracked 2 times already this year after we > > changed ISP. I dont know if this has to do with our network structure or > > my servers are not that secured. > > > > I need some help regarding this. If some of you would like to propose > > a good server/network security or any method, please let me know. > > > > My number is 721-24-74 Look for John Paul > > > > Thank you > > > > > > > > > > > > > > > > > > _ > > Philippine Linux Users Group. Web site and archives at > http://plug.linux.org.ph > > To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] > > > > To subscribe to the Linux Newbies' List: send "subscribe" in the body to > [EMAIL PROTECTED] > > > --__--__-- > > Message: 14 > Date: Sun, 25 Nov 2001 20:43:43 +0800 > From: Sacha Chua <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: [plug] Re: Course management system > Organization: Ateneo Cervini-Eliazo Networks > Reply-To: [EMAIL PROTECTED] > > On 25 Nov 2001 05:20:35PM +0800, Daniel O. Escasa ([EMAIL PROTECTED]) said: > > > http://capa4.lite.msu.edu/homepage/ -- haven't used it, nor have I so much as > > looked at it. Passed it on to others who were looking for such a package, never > > Nice for online tests - CS and math teachers might like > this! - but I'm not sure it covers putting optional course material online. Thanks for the tip, though! =) > -- > Sacha Chua <[EMAIL PROTECTED]> 3 BS CS geek =) > Ateneo Cervini-Eliazo Networks (ACENT) tel: 63(2) 426-6001 loc 5925 > BOFH excuse #13: we're waiting for [the phone company] to fix that line > > > --__--__-- > > _______________________________________________ > plug mailing list > [EMAIL PROTECTED] > http://lists.q-linux.com/mailman/listinfo/plug > > > End of plug Digest > _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
