Re: list scripts, permissions, and ownerships.

From: Nickolay A. Kritsky (nkritsky@internethelp.ru)
Date: 11/14/02

• Next message: Alexandr Kovalenko: "Re: FreeBSD Security Advisory FreeBSD-SA-02:43.bind"
• Previous message: Masachika ISHIZUKA: "Re: FreeBSD Security Advisory FreeBSD-SA-02:43.bind"
• In reply to: Kirk Bailey: "list scripts, permissions, and ownerships."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 14 Nov 2002 15:30:47 +0300
From: "Nickolay A. Kritsky" <nkritsky@internethelp.ru>
To: Kirk Bailey <idiot1@netzero.net>

Hello Kirk,

Thursday, November 14, 2002, 7:53:46 AM, you wrote:

KB> I have a problem. I am writing a script to create lists, and another to destroy
KB> them- that is, MAIL lists, such as mailman, majordomo, and mojomail and tinylist
KB> all work with. (I write TinyList.)

KB> The aliases file must have certain permissions, and it appears to be 644 in my
KB> freebsd box- hope that's correct, but it works fine. And the ownership is root,
KB> and that works fine.

KB> well, apache in the box is nobody:wheel and runs scripts as such. I have the
KB> scripts owned nobody:wheel also. They run, but it cannot access the aliases
KB> file-permissions/ownerships. OK, changed the relevant scripts' ownerships to
KB> root (gasp!) and tried to run things that way. still no luck. Scripts apparently
KB> are running as nobody, even though owned by root.

KB> OK, a few questions.

KB> First, how to I get a script to discover what identity it is running as?

id(1)
whoami(1)

KB> Second, how can I insure it runs as a particular identity(so as to be compatable
KB> with the email system), when run by the web server?

apache has some feature called `suexec'. I think it can help you.
Search the apache manual.

;-------------------------------------------
; NKritsky
; mailto:nkritsky@internethelp.ru

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Next message: Alexandr Kovalenko: "Re: FreeBSD Security Advisory FreeBSD-SA-02:43.bind"
• Previous message: Masachika ISHIZUKA: "Re: FreeBSD Security Advisory FreeBSD-SA-02:43.bind"
• In reply to: Kirk Bailey: "list scripts, permissions, and ownerships."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages list scripts, permissions, and ownerships. ... them- that is, MAIL lists, such as mailman, majordomo, and mojomail and tinylist ... apache in the box is nobody:wheel and runs scripts as such. ... changed the relevant scripts' ownerships to ... root and tried to run things that way. ... (FreeBSD-Security) SUMMARY and apology Re: Some bash/tty questions ... Some people tend to create complex login scripts ... If you don't allow direct login to root, but rather su to root, then so ... Hi, not to bash down on bash, but perhaps you should try zsh, it has the shared history thing built in. ... (SunManagers) Re: multiuser permissions ... > Apache runs as user apache, ... > PHP runs within Apache in SAFE_MODE, which blocks joeuser's scripts ... > from opening any files not created by joeuser. ... Perl scripts can also, ... (comp.unix.admin) Re: Will Linux become as vulnerable as MS ?? ... But people sometimes infected by viruses from files ... Then anyone with a basic understanding of shell scripts could write one ... > Apache, and despite having several rather nasty holes in Apache, or it's ... > the vile record that IIS holds in spreading malware. ... (comp.os.linux.security) Re: Will Linux become as vulnerable as MS ?? ... >> Linux, each distro is a little different, and even within the distro, ... > Then anyone with a basic understanding of shell scripts could write one ... >> Apache, and despite having several rather nasty holes in Apache, or it's ... >> the vile record that IIS holds in spreading malware. ... (comp.os.linux.security)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint