[ale] Please Help

Chris Fowler cfowler at outpostsentinel.com
Thu Mar 28 15:51:30 EST 2002 

You are right


int main(int argc, char *argv[]) { execl("/bin/sh","/bin/sh",0); return 0' }

I compiled that program and set 4755 permissions.  When I excuted
as a user I still got a user shell.  Not root.  Maybe we are doing something
wrong.



-----Original Message-----
From: Ken Nagorski [mailto:kenn at pcintelligent.com]
To: ale at ale.org
Sent: Thursday, March 28, 2002 3:35 PM
To: ale at ale.org
Subject: Re: [ale] Please Help


It really has nothing to do with php, php calls a compiled C program that is
4755, the C program does on thing, as a matter of fact this is the code

int main(void)
{
    system("/usr/local/sbin/changewriter.pl");
}

The Change writer program checks the data to make sure it is not bogus (even
thought I do this in the PHP script) and then runs
"/usr/lib/courier/sbin/makealiases" But it just doesn't work, I can't
understand it for the life of me...

Thanks
ken

> if php is compiled as an apache module, you're outta luck afaik.....
> there's  nothing to chmod +s, and suexec doesn't work on mod_php (?
> never tried  myself, but that's what I've heard).
>
> if you've compiled it as a standalone executable, you can always chmod
> +s  /usr/local/bin/php, but then all your scripts run as that uid,
> which is  typically not good. (anyone know if apache will even accept
> an interpreter  that has the +s bit?)
>
> Suexec with standalone php is probably the best option.  That will
> allow you  to designate a certain directory or virtualhost as setuid,
> while leaving all  other php scripts alone.
>
> http://httpd.apache.org/docs/suexec.html
> http://www.php.net/manual/en/security.cgi-bin.php
>
> Tyler
>
> Ken Nagorski:
>> Please tell me someone knows how to do this. Here is the problem.
>>
>> I need to a script SUID form a website. It is a PHP script that calls
>> a wrapper program written in C and it is set 4755, The script is calls
>> just runs a system command, actually a courier command, the makealises
>> command. But I can't get this to work for the life of me. I know that
>> someone has had of written the script that simplifies system mamagment
>> and then needed to run a system command when it is finished but HOW?
>>
>> Uhg - Thanks
>> Ken
>>
>>
>>
>>
>> ---
>> This message has been sent through the ALE general discussion list.
>> See http://www.ale.org/mailing-lists.shtml for more info. Problems
>> should be sent to listmaster at ale dot org.
>
> ---
> This message has been sent through the ALE general discussion list. See
> http://www.ale.org/mailing-lists.shtml for more info. Problems should
> be  sent to listmaster at ale dot org.




---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
sent to listmaster at ale dot org.




---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.

More information about the Ale mailing list