Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

a cgi wrap to do setuid to root - question for jsatterl or anyone else

Posted on 2001-06-21
9
Medium Priority
?
216 Views
Last Modified: 2010-03-05
Can you tell me how to write the cgi wrap that can be setuid to root and then change the process id of the owner of a file?

Please refer to question below; my problem is not resolved yet.
http://www.experts-exchange.com/jsp/qManageQuestion.jsp?qid=20123690

To summarise my  request:  I want to be able to write to a file from a cgi script. The file does not have world writable permissions.
Setting the owner if the file to be the owner of the script did not work for me.
Thanks for any help.


0
Comment
Question by:chazhs
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 5

Expert Comment

by:dcgames
ID: 6218452
Actually, I think you may have gotten this one a bit wrong.
You weren't supposed to set the owner of the file to the owner of the script. You were supposed to set the owner of the file to the user that the CGI script is running under.

To check what it is, create a simple perl script that displays the userid.

Does this make a difference? Cause if not, I can suggest a few different ways to get around this, but you really shouldn't have to do that. Setting the file to the right ownership should be sufficient.

Dave
0
 

Author Comment

by:chazhs
ID: 6219111
Yes, you are absolutely right, I was confused with "owner of the script" and "owner of the CGI"
I wrote a small pipe to look under which user the cgi is running:  But bad luck, $string does not have a value in the below code.
So I am not sure who is the" owner of cgi" on the server. Does this make sense, or am I doing something wrong still?

# Create the pipe to get the output of the shell command
open (PS, "/usr/bin/ps -f |");
while (<PS>) {
        $string = <PS>;
print "This process is running as $string";
# the o/p i get for $string is blank
}

Thanks for your time.

0
 
LVL 5

Expert Comment

by:dcgames
ID: 6219389
What's the OS? Unix?

Try this:

@x = `/usr/bin/ps -f`;
print "PS returned @x\n";

See if it works better.

But There is also a PERL way of finding out the user id.

I believe $> has the "effective UID" and $< has the "real UID". Or if you use "english names", then $EUID and $UID are the token names.

$) and $( have the effective GROUP id and the REAL group id respectively.

So

print "EUID = $>\n";
print "UID  = $>\n";
print "EGUID = $)\n";
print "GID   = $(\n";

Dave

0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 5

Expert Comment

by:dcgames
ID: 6219394
Oops Typo. SHould be:

print "EUID = $>\n";
print "UID  = $<\n";     # this one was wrong.
print "EGUID = $)\n";
print "GID   = $(\n";

0
 

Author Comment

by:chazhs
ID: 6219635
Here is the output to your code:

PS returned
EUID = 60001 UID = 60001 EGUID = 60001 60001 GID = 60001 60001

So ps returned with blank value again, and effective UID has some numbers. Does this make sense?
My o.s is solaris5.7

Maybe it means my cgi is running under user " "? Dont know if/how I can change it. And probably, I cannot, since I dont have root permissions on this server?
Thankyou.
0
 
LVL 5

Accepted Solution

by:
dcgames earned 200 total points
ID: 6219698
Hmm..

If you type:

($n,$p, $u,$g, $q,$c,$gc,$dir,$sh)=getpwuid($<);
print "User Name is $n\n");

You should get the user id name in $n..

But regardless, if you are the owner of a file, you should be able to give the file to someone else (except root), no?

Something like:

 chmod 775 myfile.pl
 chown 60001 myfile.pl

This makes the file owned by 60001 but you can still edit it because it's in your group. I'm not quite certain of the chown format. It may be:

  chown uid grpid myfile.pl

in which case you want to make sure the grpid is your OWN group Id so you retain access to the file.

---

Perhaps we are going about this the wrong way. if you own the file yourself, and say it's UID/GID are 1234 and 5678 (for example), in PERL you could

$> = 1234; # set the Effective UID for this perl script to 1234

Same for $<, $) and $(, you can just assign the number to it directly (I think).

So perl gains access to the file by changing it's user id to YOU..

Maybe that works better?

Dave



0
 

Author Comment

by:chazhs
ID: 6219922
Im just testing, hey
($n,$p, $u,$g, $q,$c,$gc,$dir,$sh)=getpwuid($<);
                     print "User Name is $n\n");
printed "nobody"

So I have did
chgrp nobody to my file
chmod 775
and then I WAS ABLE TO WRITE TO IT FRM THE WEB!!!

I will test more and let you know.

thanks!
0
 
LVL 5

Expert Comment

by:dcgames
ID: 6219937
Cool.
0
 

Author Comment

by:chazhs
ID: 6220193
1) First method above works. Thanks, that is so cool.
I set the group of the file to 60001 and permission 775  and I was able to write.

2) I wonder why it shows the owner of cgi as 60001 but when I printed $n from getpwuid, it printed "nobody"  And when I did "ps -ef" it printed blank.

Can you suggest me some good reading material on this one?
Thanks much for your help.

3) Re: method 2 above,

" Perhaps we are going about this the wrong way. if you own the file yourself, and say it's UID/GID are   1234 and 5678 (for example), in PERL you could
                     $> = 1234; # set the Effective UID for this perl script to 1234
                     So perl gains access to the file by changing it's user id to YOU..
                     Maybe that works better?            "

My file's uid/gid are "web" and "dba" dont know how this translates into numbers.
I tried the following in my script, so perl has access to the file
$> =' web';
$< =' web';
$) = ' dba';
$( = 'dba' ;

but this did not work.  I tried without quotes too.

Thanks for your efforts on this.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the distant past (last year) I hacked together a little toy that would allow a couple of Manager types to query, preview, and extract data from a number of MongoDB instances, to their tool of choice: Excel (http://dilbert.com/strips/comic/2007-08…
Checking the Alert Log in AWS RDS Oracle can be a pain through their user interface.  I made a script to download the Alert Log, look for errors, and email me the trace files.  In this article I'll describe what I did and share my script.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
Six Sigma Control Plans

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question