Tushar, It's not recommeded to run apache as root. (Security issues).
I have some applications that uses system command under mod_perl without problems. Try to execute you wrapper script in command line. Execute it with /usr/bin/perl -T (tainted mode), that checks if your script is safe. If you got error results, you will know why it's not working. $ret = `$wrapper` , also should work in you configuration (running apache as root). Regards, Vitor -----Mensagem original----- De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Enviada em: sexta-feira, 26 de julho de 2002 20:13 Para: [EMAIL PROTECTED]; [EMAIL PROTECTED] Assunto: RE: apache mod_perl + suid question Thanks Vitor... I have something very similar to what you mention below..only that I am taking the username and passwd from the apache gui. Then I encrypt the passwd and send that to wrapper(i.e. suid_file) script. So I have something like system($wrapper), where $wrapper = suid_file.pl "encrupted passwd" "username". I changed the suid_file to 4750 and have the ownership and group as root,root. I am also runing Apache as root. I don't have httpd as a user or group. Do I need to ? Also do I need to use the ystem command, can't I just do $ret = `$wrapper` ? thanks. -Tushar -----Original Message----- From: Vitor [mailto:[EMAIL PROTECTED]] Sent: Friday, July 26, 2002 7:04 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RES: apache mod_perl + suid question Hello Tushar, Try this : $suid_file = "file_path/suidfile.pl"; $user = "nobody"; $passwd = "kdsak"; (system($suid_file,$user,$$passwd)) or die "Error in suid operation $! "; Note that suid_file need the following commands : - chmod 4750 - chown root:httpd Regards, Vitor -----Mensagem original----- De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Enviada em: sexta-feira, 26 de julho de 2002 19:41 Para: [EMAIL PROTECTED] Assunto: apache mod_perl + suid question Hello, I am trying to write a password changing program. For this I have a mod_perl subroutine from where I am trying to execute a perl script(with suid permissions 4711), which is a wrapper and in turn calls the usermod command on linux with the old and new passwords. The problem I am having: 1: The usermod command doesn't get executed. I have tried debugging this...by having a log file(/usr/local/apache/logs) and the mod_perl process does open the wrapper script..but then does nothing. It does not execute the command. What am I doing wrong ? I know there might be some quirks with suid permissons and I would like to know how can I overcome this. I have something like below from mod_perl subroutine: my $ret_val = `$wrapper`; Within the wrapper perl script, I call usermond with the passwds by doing: $ret = `$usermondcmd 2>&1` Any help would be much appreciated. thanks a lot. -Tushar
