I think you can't get out of tainted mode under mod_perl.
You will have a big security hole if you quit tainted mode.
Regards,
Vitor
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Saturday, July 27, 2002 12:06
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: apache mod_perl + suid question
Vitor,
The thing is also that I can run the wrapper from the command line without
the -T switch, and I do succeed, i.e. the password does get changed. Seems like
mod_perl by default has the taint mode on.
How do I get rid of this taint mode from mod_perl?
At present I have the following "use" calls in mod_perl:
use Apache::Constants qw(:common);
use Apache::Debug();
use CGI '-autoload';
Do I need to add something here or take out something from here to get rid
of the tainted mode?
thanks.
-Tushar
-----Original Message-----
From: Vitor [mailto:[EMAIL PROTECTED]]
Sent: Friday, July 26, 2002 8:31 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RES: apache mod_perl + suid question
Tushar,
It's not recommended to run apache as root. (Security issues).
I have some applications that use the system command under mod_perl without
problems.
Try to execute your wrapper script on the command line. Execute it with
/usr/bin/perl -T (tainted mode), which checks if your script is safe. If you
get error results, you will know why it's not working.
$ret = `$wrapper` also should work in your configuration (running apache as
root).
Regards,
Vitor
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Friday, July 26, 2002 20:13
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: apache mod_perl + suid question
Thanks Vitor...
I have something very similar to what you mention below, only
that I am taking the username and passwd from the apache gui.
Then I encrypt the passwd and send that to the wrapper (i.e. suid_file)
script.
So I have something like system($wrapper), where $wrapper =
suid_file.pl "encrypted passwd" "username".
I changed the suid_file to 4750 and have the ownership and
group as root,root. I am also running Apache as root. I don't
have httpd as a user or group. Do I need to?
Also do I need to use the system command, can't I just do
$ret = `$wrapper` ?
thanks.
-Tushar
-----Original Message-----
From: Vitor [mailto:[EMAIL PROTECTED]]
Sent: Friday, July 26, 2002 7:04 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RES: apache mod_perl + suid question
Hello Tushar,
Try this :
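$suid_file = "file_path/suidfile.pl";
$user = "nobody";
$passwd = "kdsak";
# system() returns 0 on success, so compare against 0 before dying;
# the list form passes the arguments without going through a shell.
system($suid_file, $user, $passwd) == 0
or die "Error in suid operation: $! (exit status $?)";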
Note that suid_file needs the following commands:
- chmod 4750
- chown root:httpd
Regards,
Vitor
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Friday, July 26, 2002 19:41
To: [EMAIL PROTECTED]
Subject: apache mod_perl + suid question
Hello,
I am trying to write a password changing program. For this I have a mod_perl
subroutine from where I am trying to execute a perl script (with suid
permissions 4711), which is a wrapper and in turn calls the usermod command
on linux with the old and new passwords.
The problem I am having:
1: The usermod command doesn't get executed. I have tried debugging this by
having a log file (/usr/local/apache/logs) and the mod_perl process does open
the wrapper script, but then does nothing. It does not execute the command.
What am I doing wrong? I know there might be some quirks with suid
permissions and I would like to know how I can overcome this.
I have something like below from mod_perl subroutine:
my $ret_val = `$wrapper`;
Within the wrapper perl script, I call usermod with the passwds by doing:
$ret = `$usermondcmd 2>&1`;
Any help would be much appreciated.
thanks a lot.
-Tushar
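
The alternative to switching taint mode off, as an added example that is not code from anyone in this thread: untaint the two form values with anchored allow-list patterns, clean the environment, and call the wrapper in list form so no shell is involved. The wrapper path, the accepted username and hash formats, and the argument order (hash first, then username, as in the suid_file.pl call quoted above) are assumptions.

```perl
#!/usr/bin/perl -T
# Added example: calling a setuid wrapper from taint-checked code.
# Wrapper path, input formats and argument order are assumptions.
use strict;
use warnings;

# Taint mode refuses to run external programs with an inherited PATH
# or with shell-affecting variables left in the environment.
$ENV{PATH} = '/usr/bin:/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

my $WRAPPER = '/usr/local/sbin/suid_file.pl';    # hypothetical path

# A value is untainted only by capturing it from a regex match, so the
# pattern is the actual input policy: anchored, allow-list, length-bound.
sub untaint_username {
    my ($raw) = @_;
    return undef unless defined $raw;
    return $raw =~ /\A([a-z_][a-z0-9_-]{0,31})\z/ ? $1 : undef;
}

sub untaint_crypt_hash {
    my ($raw) = @_;
    return undef unless defined $raw;
    return $raw =~ m{\A([A-Za-z0-9./\$]{13,128})\z} ? $1 : undef;
}

sub change_password {
    my ($raw_user, $raw_hash) = @_;
    my $user = untaint_username($raw_user)   or return (0, 'bad username');
    my $hash = untaint_crypt_hash($raw_hash) or return (0, 'bad password hash');

    # List form: the wrapper is exec'd directly, so shell metacharacters
    # in an argument are never interpreted.
    my $rc = system($WRAPPER, $hash, $user);
    return (0, "could not start wrapper: $!")       if $rc == -1;
    return (0, 'wrapper exit status ' . ($? >> 8))  if $? != 0;
    return (1, 'ok');
}

# Constructed sample inputs: one well-formed, one carrying shell syntax.
for my $case (['tushar', 'ab1cdEFgh2IJk'], ['root; id', 'ab1cdEFgh2IJk']) {
    my ($ok, $msg) = change_password(@$case);
    print "$case->[0]: ", ($ok ? 'changed' : "rejected ($msg)"), "\n";
}
```

In a handler the raw values would come from the request parameters, which are tainted; the second sample is rejected by the username pattern before any process is started.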