[EMAIL PROTECTED] wrote:
> Gentlemen it should be absolutely trivial for the cgi to run a compiled program that is
(a) suid to matlab (b) executes your script either as fork/exec or even system ("do
something");
> James
James, thanks for volunteering to solve this one ;-) .
Can you explain to a mere mortal why the following doesn't work?
As a first step to your "trivial" challenge, I've written a simple C routine to
system ("do something");
Then as root, I've changed it's ownership to matlab and setuid on it. But when
I run
it from my account, it doesn't execute as matlab.
Cluesticks?
Pete.
--
$ cat suidexec.c
#include <stdlib.h>
#include <stdio.h>
main(int argc, char *argv[]) {
if (argc < 2) {
printf("Usage:%s <command>\n",argv[0]);
exit(-1);
}
printf("Executing Command '%s'\n",argv[1]);
system(argv[1]);
}
$ ls -l suidexec
-rws--x--x 1 matlab apache 4962 May 16 08:03 suidexec
$ ./suidexec id
Executing Command 'id'
uid=501(prundle) gid=501(prundle) context=user_u:system_r:unconfined_t
$ ./suidexec /home/matlab/product/bin/matlab
Executing Command '/home/matlab/product/bin/matlab'
License Manager Error -39.
User/host not on INCLUDE list for feature.
So no dice, but if one su's to the matlab account, all is well.
$ su matlab
Password:
$> /home/matlab/product/bin/matlab
Warning:
MATLAB is starting without a display, using internal event queue.
You will not be able to display graphics on the screen.
< M A T L A B >
Copyright 1984-2006 The MathWorks, Inc.
So I don't so much need to execut with matlab permissions as to be seen
to execute as the user account matlab.
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
