Noam Rathaus wrote:
Hi Shachar,
Thanks for the response.
I am using here Debian 5.0 and I still get the problem even if I:
1) setuid the file to be setuid root
2) change the perl interpreter at the top of the script from perl to
suidperl (they are the same symbloic link, but I tried it anyhow)
So I guess something is wrong with my apache, or script, or both
On my Debian Lenny:
Installed perl-suid
Installed apache2
Put, in /usr/lib/cgi-bin, a file called "test" that read:
#!/usr/bin/perl
print "Content-Type: text/plain\n";
print "\n";
while(<>) {
print $_;
}
Changed owner to root and added suid.
From a broser, ran:
http://localhost/cgi-bin/test?%2fetc%2fshadow
Result: /etc/shadow was dumped to the browser window.
Shachar
--
Shachar Shemesh
Lingnu Open Source Consulting Ltd.
http://www.lingnu.com
_______________________________________________
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
