SLUG Mailing List Archives
Re: [SLUG] Apache execute a CGI as another user
- To: slug@xxxxxxxxxxx
- Subject: Re: [SLUG] Apache execute a CGI as another user
- From: Malcolm V <farkit@xxxxxxxxxxxx>
- Date: Mon, 15 May 2006 11:52:23 +1000
- User-agent: KMail/1.9.1
On Monday 15 May 2006 11:12, Peter Rundle allegedly wrote:
> I vaguely recall that chmod +s is only valid for binaries as the command
> being executed is bash, the script is just a data file to bash. I could be
> wrong on this one though...
This is correct. You can get around this by using a small C program (using
exec(), etc) instead of the shell script, which is chmod'd g+s or whatever.
check "man 3 system", mine says Debian uses a modified sh which doesn't drop
these priveleges on startup, not sure if that is still correct.
Referring to a book: I read part of it all the way through.