Re: setuid ing perl?
On Thu, Apr 18, 2002 at 12:11:48AM +0200, Henk-Jan wrote: > I want to go for the "recompile" option... > The thing is: It was automagically installed by CPAN. > > So how can I "get" perl 5.6.1 using CPAN? > And then I would kow what to do.. perl should have been downloaded and extracted to your CPAN build directory. By default this is /root/.cpan/build. You set the CPAN home directory when you first configured it. If you can't find it, or don't care to look, you can download the latest from http://www.perl.com/pub/a/language/info/software.html#stable I wouldn't suggest using the CPAN shell for compiling and installing perl. Read the documentation in the perl source directory for information on configuration and compilation. Michael -- Administrator www.shoebox.net Programmer, System Administrator www.gallanttech.com -- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: setuid ing perl?
I want to go for the "recompile" option... The thing is: It was automagically installed by CPAN. So how can I "get" perl 5.6.1 using CPAN? And then I would kow what to do.. > On Wed, Apr 17, 2002 at 09:50:17AM -0800, Michael Fowler wrote: > > On Wed, Apr 17, 2002 at 06:04:49AM +0200, Henk-Jan wrote: > > >3. Your perl may be compiled with suid ability disabled. > > > > Did you compile Perl yourself, or install from a vendor-provided package? > > If the latter, does the vendor provide a package for setuid perl? > > Sorry, I forgot for a moment how you came to this predicament. Assuming the > permssions on the openwebmail files are correct, you should probably > reinstall the perl provided by your vendor, assuming you have that sort of > OS. Otherwise, you'll have to recompile perl, or follow 3c. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: setuid ing perl?
On Wed, Apr 17, 2002 at 09:50:17AM -0800, Michael Fowler wrote: > On Wed, Apr 17, 2002 at 06:04:49AM +0200, Henk-Jan wrote: > >3. Your perl may be compiled with suid ability disabled. > > Did you compile Perl yourself, or install from a vendor-provided package? > If the latter, does the vendor provide a package for setuid perl? Sorry, I forgot for a moment how you came to this predicament. Assuming the permssions on the openwebmail files are correct, you should probably reinstall the perl provided by your vendor, assuming you have that sort of OS. Otherwise, you'll have to recompile perl, or follow 3c. Michael -- Administrator www.shoebox.net Programmer, System Administrator www.gallanttech.com -- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: setuid ing perl?
Ah, you're talking about running setuid programs. This can be a tricky issue, as there are some operating systems that can't securely run setuid scripts. On Wed, Apr 17, 2002 at 06:04:49AM +0200, Henk-Jan wrote: >2. Your openwebmail scripts may have wrong owner or mode. > The permission of > > openwebmail.pl, openwebmail-main.pl, > openwebmail-read.pl, openwebmail-viewatt.pl, > openwebmail-send.pl, openwebmail-spell.pl, > openwebmail-prefs.pl, openwebmail-folder.pl and checkmail.pl > > should be > > mode=4555 > owner=root > group=mail Have you checked this? >3. Your perl may be compiled with suid ability disabled. Did you compile Perl yourself, or install from a vendor-provided package? If the latter, does the vendor provide a package for setuid perl? > c. Or use uty/suidwrap.pl to generate C wrappers for all suid scripts. > Here are the steps: > 1. cd cgi-bin/openwebmail > 2. perl uty/wrapsuid.pl /fullpath/cgi-bin/openwebmail You can also try this, avoiding the setuid perl altogether. Michael -- Administrator www.shoebox.net Programmer, System Administrator www.gallanttech.com -- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: setuid ing perl?
> On Tue, Apr 16, 2002 at 11:27:50PM +0200, Henk-Jan wrote: > > I used " perl -MCPAN -e shell" > > to install new perl modules. > > I now also have perl 5.6.1 (I had 5.6.0) > > This was a bug with older versions of the CPAN shell. What version of the > shell are you running? I'd suggest upgrading it, so that module upgrades > don't try to upgrade perl. It is too late now > > > > But I am afraid that my perl does not support setuid anymore. > > How can I simply reinstall perl, but then with setuid support using CPAN? > > You must be mistaken, 5.6.1 supports setuid. How did you go about > determining it doesn't? > I want to install a scipt called "openwebmail". If I run it as root, it works allright (I see html code coming) If I run it as a user I get: "./openwebmail/pl' must be setuid to root" This is what is says in the faq: http://turtle.ee.ncku.edu.tw/openwebmail/doc/faq.txt Q: I got "Internal server error" when running Open WebMail? I got "can not do setuid" error? I got "Software error: Can't locate etc/openwebmail.conf in @INC" error? A: There are many possible answers... 1. Please check you have installed a complete set of perl 5.005 or above. And You uncompress the openwebmail-1.xx.tgz with proper parameter. It should be "tar -zxvBpf openwebmail-1.xx.tgz" 2. Your openwebmail scripts may have wrong owner or mode. The permission of openwebmail.pl, openwebmail-main.pl, openwebmail-read.pl, openwebmail-viewatt.pl, openwebmail-send.pl, openwebmail-spell.pl, openwebmail-prefs.pl, openwebmail-folder.pl and checkmail.pl should be mode=4555 owner=root group=mail 3. Your perl may be compiled with suid ability disabled. a. check if you have a executable of suidperl, then 'chmod 4555 suidperl' and change #!/usr/bin/perl to the path of this suidperl b. Or recompile your perl with suid enabled Here are the steps: 1. grab the perl source tar ball 2. sh Configure -de (de means default perl config) 3. edit config.sh and set this : d_dosuid='define' d_suidsafe='undef' 4. then make, make install (make suidperl if needed) (thanks to Nemo Kaiser, [EMAIL PROTECTED]) c. Or use uty/suidwrap.pl to generate C wrappers for all suid scripts. Here are the steps: 1. cd cgi-bin/openwebmail 2. perl uty/wrapsuid.pl /fullpath/cgi-bin/openwebmail All suid scripts will be renamed to .scriptname.pl and the C wrapper will be generated and named as script.pl (thanks to Chris Heegard, [EMAIL PROTECTED]) -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: setuid ing perl?
On Tue, Apr 16, 2002 at 11:27:50PM +0200, Henk-Jan wrote: > I used " perl -MCPAN -e shell" > to install new perl modules. > I now also have perl 5.6.1 (I had 5.6.0) This was a bug with older versions of the CPAN shell. What version of the shell are you running? I'd suggest upgrading it, so that module upgrades don't try to upgrade perl. > But I am afraid that my perl does not support setuid anymore. > How can I simply reinstall perl, but then with setuid support using CPAN? You must be mistaken, 5.6.1 supports setuid. How did you go about determining it doesn't? Michael -- Administrator www.shoebox.net Programmer, System Administrator www.gallanttech.com -- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
setuid ing perl?
I used " perl -MCPAN -e shell" to install new perl modules. I now also have perl 5.6.1 (I had 5.6.0) But I am afraid that my perl does not support setuid anymore. How can I simply reinstall perl, but then with setuid support using CPAN? Henk -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]