[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: opinion on shell cgi scripts
* Ben Goren <ben@trumpetpower.com> [2004-11-01 15:58]:
> On 2004 Nov 1, at 7:01 AM, Ben Goren wrote:
> > On 2004 Nov 1, at 4:48 AM, Johan SANCHEZ wrote:
> >>> You can't make scripts suid, only binaries.
> >> Really ?
> > Really.
> Camiel pointed out that I probably had said script running on a
> partition mounted nosuid--which was correct. And, as the case should be
> for any partition running CGI scripts...but that doesn't make my
> statement (and Johan's) any less false.
>
> For the record:
>
> $ id && cat /suid-whoami && ls -l /suid-whoami && /suid-whoami
> uid=501(ben) gid=501(ben) groups=501(ben), 0(wheel), 5(operator),
> 9(wsrc), 20(staff), 67(www), 20002(artsed)
> #!/bin/sh
>
> id
> -rwsr-sr-x 1 root wheel 14 Nov 1 07:44 /suid-whoami*
> uid=501(ben) euid=0(root) gid=501(ben) egid=0(wheel) groups=501(ben),
> 0(wheel), 5(operator), 9(wsrc), 20(staff), 67(www), 20002(artsed)
now can you please read your own output? euid=0, aka root.
read setuid(2).