Thanks a lot. That "really" does help.
regards,
-Tushar
-Original Message-
From: Stas Bekman [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 30, 2002 6:36 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: apache mod_perl + suid question
[EMAIL PROTECTED] wrot
[EMAIL PROTECTED] wrote:
> Hello,
>
> I am trying to write a password changing program.
this article by Lincoln Stein should resolve most of your problems:
http://www.samag.com/documents/s=1286/sam03020006/
and no, don't try to disable the taint mode,
instead read the perlsec manpage to learn
EMAIL PROTECTED]; [EMAIL PROTECTED]
Assunto: RE: apache mod_perl + suid question
Vitor,
The thing is also that I can run the wrapper from the command line without
the
-T switch, and I do succeed, i.e. the password does get changed. Seems like
mod_perl by default has the taint mode on.
How do I get r
iday, July 26, 2002 8:31 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RES: apache mod_perl + suid question
Tushar,
It's not recommeded to run apache as root. (Security issues).
I have some applications that uses system command under mod_perl without
problems.
Try to execute you wrap
ECTED]]
Sent: Friday, July 26, 2002 8:31 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RES: apache mod_perl + suid question
Tushar,
It's not recommeded to run apache as root. (Security issues).
I have some applications that uses system command under mod_perl without
problems.
Try to e
Original Message-
From: Vitor [mailto:[EMAIL PROTECTED]]
Sent: Friday, July 26, 2002 8:31 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RES: apache mod_perl + suid question
Tushar,
It's not recommeded to run apache as root. (Security issues).
I have some applications that uses syst
ra: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Assunto: RE: apache mod_perl + suid question
Thanks Vitor...
I have something very similar to what you mention below..only
that I am taking the username and passwd from the apache gui.
Then I encrypt the passwd and send that to wrapper(i.e. suid_file)
sc
On Fri, Jul 26, 2002 at 06:40:31PM -0400, [EMAIL PROTECTED] wrote:
> 1: The usermod command doesn't get executed. I have tried debugging
> this...by having a log file(/usr/local/apache/logs) and the mod_perl
> process does open the wrapper script..but then does nothing. It does
> not execute the
Hello,
I am trying to write a password changing program. For this I have a mod_perl
subroutine
from where I am trying to execute a perl script(with suid permissions 4711),
which is a wrapper and
in turn calls the usermod command on linux with the old and new passwords.
The problem I am having:
1
6:50 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: apache mod_perl + suid question
On Fri, Jul 26, 2002 at 06:40:31PM -0400, [EMAIL PROTECTED] wrote:
> 1: The usermod command doesn't get executed. I have tried debugging
> this...by having a log file(/usr/local/apache/lo
`$wrapper` ?
thanks.
-Tushar
-Original Message-
From: Vitor [mailto:[EMAIL PROTECTED]]
Sent: Friday, July 26, 2002 7:04 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RES: apache mod_perl + suid question
Hello Tushar,
Try this :
$suid_file = "file_path/suidfile.pl";
$user
EMAIL PROTECTED]
Subject: RE: apache mod_perl + suid question
Thanks Vitor...
I have something very similar to what you mention below..only
that I am taking the username and passwd from the apache gui.
Then I encrypt the passwd and send that to wrapper(i.e. suid_file)
script.
So I have something
12 matches
Mail list logo