Beefy Boxes and Bandwidth Generously Provided by pair Networks
Syntactic Confectionery Delight
 
PerlMonks  

Re: Insecure dependency in chmod while running setuid

by tweetiepooh (Friar)
on Jun 12, 2009 at 11:08 UTC ( #770909=note: print w/replies, xml ) Need Help??


in reply to Insecure dependency in chmod while running setuid

On a tangental note. Don't you use privilege separation on your Apache? On my Apache 2.2 although root starts Apache (needed for port 80) it spawns processes under a non root account and that account then is the owner of Perl scripts that are executed.
  • Comment on Re: Insecure dependency in chmod while running setuid

Replies are listed 'Best First'.
Re^2: Insecure dependency in chmod while running setuid
by ak4good (Initiate) on Jun 13, 2009 at 04:11 UTC
    Yes, Apache on my machine executes cgi scripts as the Apache user, hence the need for setuid to do stuff that the Apache user doesn't have permissions for.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://770909]
help
Chatterbox?
[davido]: And remember; time is hard. :) As soon as you think, I've got this, you'll discover that time is harder than that. :)
[1nickt]: TCLion are you parsing the dates with DateTime or another tool?
[1nickt]: I note DateTime::Format:: Flexible, announced immediately below this box in the CPAN feed
[Corion]: 1nickt: That one sounds sensible as it will tell you when it found an error
[1nickt]: Throws on error, I believe

How do I use this? | Other CB clients
Other Users?
Others having an uproarious good time at the Monastery: (14)
As of 2017-03-23 14:45 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    Should Pluto Get Its Planethood Back?



    Results (287 votes). Check out past polls.