OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Kirk Bailey (idiot1_at_netzero.net)
Date: Thu Nov 14 2002 - 00:07:34 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    oops. I quote:

       7.Is the target user NOT superuser?

           Presently, suEXEC does not allow 'root' to execute CGI/SSI
           programs.

    Alas, the file appears to be owned by root. Now what?

    Noah K Sematimba wrote:
    >
    > I think that perhaps you need to read about apache's suEXEC mechanism:
    >
    > http://httpd.apache.org/docs/suexec.html
    >
    > cheers,
    >
    > Sematimba Noah Kevin
    > Systems Administrator
    > Africa Online Uganda Limited
    > Commercial Plaza Kampala Road
    > e-mail: ksematafricaonline.co.ug
    > WEB: http://www.africaonline.co.ug
    > TEL: +256(41)258143
    > FAX: +256(41)258144
    >
    > On Wed, 13 Nov 2002, Kirk Bailey wrote:
    >
    > > I have a problem. I am writing a script to create lists, and another to destroy
    > > them- that is, MAIL lists, such as mailman, majordomo, and mojomail and tinylist
    > > all work with. (I write TinyList.)
    > >
    > > The aliases file must have certain permissions, and it appears to be 644 in my
    > > freebsd box- hope that's correct, but it works fine. And the ownership is root,
    > > and that works fine.
    > >
    > > well, apache in the box is nobody:wheel and runs scripts as such. I have the
    > > scripts owned nobody:wheel also. They run, but it cannot access the aliases
    > > file-permissions/ownerships. OK, changed the relevant scripts' ownerships to
    > > root (gasp!) and tried to run things that way. still no luck. Scripts apparently
    > > are running as nobody, even though owned by root.
    > >
    > > OK, a few questions.
    > >
    > > First, how to I get a script to discover what identity it is running as?
    > >
    > > Second, how can I insure it runs as a particular identity(so as to be compatable
    > > with the email system), when run by the web server?
    > >
    > > third, what are the correct ownerships and permissions for /etc/mail and for
    > > aliases? Just want to make sure I have things right.
    > >
    > >
    > >
    > >
    > > --
    > >
    > > end
    > >
    > > Respectfully,
    > > Kirk D Bailey
    > >
    > >
    > > +---------------------"Thou Art Free." -Eris-----------------------+
    > > | http://www.howlermonkey.net mailto:highprimatehowlermonkey.net |
    > > | KILL spam dead! http://www.scambusters.org/stopspam/#Pledge |
    > > | http://www.tinylist.org +--------+ mailto:grumpytinylist.org |
    > > +------------------Thinking| NORMAL |Thinking----------------------+
    > > +--------+
    > > ---------------------------------------------
    > > Introducing NetZero Long Distance
    > > 1st month Free!
    > > Sign up today at: www.netzerolongdistance.com
    > >
    > > To Unsubscribe: send mail to majordomoFreeBSD.org
    > > with "unsubscribe freebsd-security" in the body of the message
    > > 

    -- 

    end

    Respectfully,
             Kirk D Bailey

    +---------------------"Thou Art Free." -Eris-----------------------+
| http://www.howlermonkey.net  mailto:highprimatehowlermonkey.net |
| KILL spam dead!      http://www.scambusters.org/stopspam/#Pledge |
| http://www.tinylist.org  +--------+   mailto:grumpytinylist.org |
+------------------Thinking| NORMAL |Thinking----------------------+
                           +--------+
---------------------------------------------
Introducing NetZero Long Distance
1st month Free!
Sign up today at: www.netzerolongdistance.com

    To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message