setuid root CGI's - how bad it is?
Hi, (sorry for the off-topic question but I don't know where to ask) Excuse my ignorance but how bad is it to have a setuid CGI script? I know there should be big security issues with this but I don't know what it is. I have a CGI script that needs to write files in a user's home directory. How can I do that? Thanks and my apologies for being off-topic again. E.- -- Eloy A. Paris Information Technology Department Rockwell Automation de Venezuela Telephone: +58-2-9432311 Fax: +58-2-9431645 -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: setuid root CGI's - how bad it is?
On Thu, Sep 18, 1997 at 03:45:17PM -0400, Eloy A. Paris wrote: : >If that's all you want, it's easy. Do this: : > : >1) Authenticate the user against the system's /etc/passwd. : : OK, my script is doing this. The user can enter his login ID and his : password through a HTML form and the CGI script validates the user against : /etc/passwd making sure the UID of the users is >= 1000. : : >2) Use Apache's suEXEC module to run the CGI under the user's UID, : > after authenticating the user. : : This sounds like the solution but where can I find this module? It is not : part of the apache-modules package. It's part of Apache 1.2 feature set.. See: http://www.apache.org/docs/suexec.html for more info... -- Jason Costomiris <><| "VMS is about as secure as a poodle [EMAIL PROTECTED] | encased in a block of lucite http://www.jasons.org/~jcostom/ | about as useful, too." #include | --some guy I read on Usenet -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: setuid root CGI's - how bad it is?
Eloy A. Paris wrote: > > Hi, > > (sorry for the off-topic question but I don't know where to ask) > > Excuse my ignorance but how bad is it to have a setuid CGI script? If you insist on a script, a perl script written by a knowledgeable and paranoid programmer could be safe. A C program written by a bozo would be less safe. There are probably programmers who could create a not too dangerous cgi in sh, though not safe, at least in standard linux. In short if the creator of the script is knowledgeable about the attacks that might occur, the resultant cgi will be safe, but if the cgi creator doesn't have a clue, the cgi will not be safe no matter what it's written in. > I know there should be big security issues with this but I don't > know what it is. > > I have a CGI script that needs to write files in a user's home directory. > How can I do that? > > Thanks and my apologies for being off-topic again. > > E.- > > -- > > Eloy A. Paris > Information Technology Department > Rockwell Automation de Venezuela > Telephone: +58-2-9432311 Fax: +58-2-9431645 > > -- > TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to > [EMAIL PROTECTED] . Trouble? > e-mail to [EMAIL PROTECTED] . -- - Ralph Winslow [EMAIL PROTECTED] The IQ of the group is that of the member whose IQ is lowest divided by the number of members. -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: setuid root CGI's - how bad it is?
Hi,
At 08:11 AM 9/18/97 -0400, Jason Costomiris wrote:
>Are you 100% sure that your CGI has no bugs, no potential buffer overruns,
>doesn't trust input gathered from the User Agent, blah blah blah?
>
>If not, and you shouldn't be 100% sure, don't run CGI's suid to root.
No, I am not sure and I know I shouldn't be running my script suid to root.
>If that's all you want, it's easy. Do this:
>
>1) Authenticate the user against the system's /etc/passwd.
OK, my script is doing this. The user can enter his login ID and his
password through a HTML form and the CGI script validates the user against
/etc/passwd making sure the UID of the users is >= 1000.
>2) Use Apache's suEXEC module to run the CGI under the user's UID,
> after authenticating the user.
This sounds like the solution but where can I find this module? It is not
part of the apache-modules package.
Thanks,
E.-
--
Eloy A. Paris
Information Technology Department
Rockwell Automation de Venezuela
Telephone: +58-2-9432311 Fax: +58-2-9431645 Cel.: +58-16-234700
"Where does this path lead?" said Alice
"Depends on where you want to go." Said the cat
("Alice in Wonderland", by Lewis Carroll.)
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
[EMAIL PROTECTED] .
Trouble? e-mail to [EMAIL PROTECTED] .
Re: setuid root CGI's - how bad it is?
On Thu, Sep 18, 1997 at 04:57:02AM +, Eloy A. Paris wrote: : Excuse my ignorance but how bad is it to have a setuid CGI script? : I know there should be big security issues with this but I don't : know what it is. Are you 100% sure that your CGI has no bugs, no potential buffer overruns, doesn't trust input gathered from the User Agent, blah blah blah? If not, and you shouldn't be 100% sure, don't run CGI's suid to root. : I have a CGI script that needs to write files in a user's home directory. : How can I do that? If that's all you want, it's easy. Do this: 1) Authenticate the user against the system's /etc/passwd. 2) Use Apache's suEXEC module to run the CGI under the user's UID, after authenticating the user. -- Jason Costomiris <><| "VMS is about as secure as a poodle [EMAIL PROTECTED] | encased in a block of lucite http://www.jasons.org/~jcostom/ | about as useful, too." #include | --some guy I read on Usenet -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
