Tugger the SLUGger!SLUG Mailing List Archives

Re: [SLUG] Apache execute a CGI as another user


On Monday 15 May 2006 11:12, Peter Rundle allegedly wrote:
> I vaguely recall that chmod +s is only valid for binaries as the command
> being executed is bash, the script is just a data file to bash. I could be
> wrong on this one though...

This is correct. You can get around this by using a small C program (using  
exec(), etc) instead of the shell script, which is chmod'd g+s or whatever.

check "man 3 system", mine says Debian uses a modified sh which doesn't drop 
these priveleges on startup, not sure if that is still correct.

Cheers,
Malcolm V.
-- 
  Referring to a book: I read part of it all the way through.
  -Samuel Goldwyn