| View previous topic :: View next topic |
| Author |
Message |
silverjam
n00b
Joined: 03 Sep 2004
Posts: 70
Location: Haslev, Denmark
|
 Posted: Sun Oct 24, 2004 7:21 pm Post subject: chmod +s doesn't strike through when I execute my program |
 |
|
Hi all!
I have a Perl program (test.pl) that goes something like this:
#!/usr/bin/perl
system("whoami");
The owner of the program is qmailq:qmail.
I do chmod 4750 and get this:
-rwsr----- 1 qmailq qmail 54 Oct 24 20:59 test.pl
When I execute the program as root on my Mandrake-box, the output is (rightfully) 'qmailq'.
When I execute the program as root on my Gentoo-box, the output is 'root'!!!!!  -- Why is this so? The user qmailq and group qmail exists, and I am able to do a 'su qmailq' and execute commands here...
Is there some special thing I need to set up on a Gentoo for the 's' file permission bit to work? 
Please help me, since this is driving me nuts.....
Cheers,
~Morten |
|
| Back to top |
|
 |
adaptr
Watchman
Joined: 06 Oct 2002
Posts: 6730
Location: Rotterdam, Netherlands
|
| Posted: Sun Oct 24, 2004 7:40 pm Post subject: |
|
|
Are you sure the file's owner on Gentoo is qmailq as well ?
_________________
>>> emerge (3 of 7) mcse/70-293 to /
Essential tools: gentoolkit eix profuse screen |
|
| Back to top |
|
|
silverjam
n00b
Joined: 03 Sep 2004
Posts: 70
Location: Haslev, Denmark
|
| Posted: Sun Oct 24, 2004 7:46 pm Post subject: |
|
|
I do the whole procedure on both machines, and get similar 'ls -l' output on both.
I also tried to change the ownership of the file to an ordinary user on Gentoo, but I still get 'root' as output.....
Any ideas?
~Morten |
|
| Back to top |
|
|
adaptr
Watchman
Joined: 06 Oct 2002
Posts: 6730
Location: Rotterdam, Netherlands
|
| Posted: Sun Oct 24, 2004 8:14 pm Post subject: |
|
|
You might like to check the permissions on the directory the file is in.
ISTR it is possible to prohibit any form of SetUID when you set a certain directory permission bit.
_________________
>>> emerge (3 of 7) mcse/70-293 to /
Essential tools: gentoolkit eix profuse screen |
|
| Back to top |
|
|
029ah
n00b
Joined: 14 Sep 2003
Posts: 15
Location: Moscow
|
| Posted: Sun Oct 24, 2004 9:21 pm Post subject: |
|
|
the problem is that SUID bit does not automatically changes process owner.
BTW I'm not shure that you can use SUID in perl script cause the binary of process is perl...
Read about seteuid function... |
|
| Back to top |
|
|
silverjam
n00b
Joined: 03 Sep 2004
Posts: 70
Location: Haslev, Denmark
|
| Posted: Mon Oct 25, 2004 6:32 am Post subject: |
|
|
 It works fine with a Perl script when I do this exact thing on a RedHat 9.1...
(If you haven't guessed it yet, its my qmail-queue that won't execute as qmailq when the 's' bit is set and the owner is qmailq:qmail.)
I tried to move the script out to the location /test.pl, but the result is still 'root' no matter what user owns the script....
Am I missing some filesystem option (fstab), kernel compilation option, sudo option, my make.conf, or something like that...
Any ideas are mostly welcome...
Cheers,
~Morten |
|
| Back to top |
|
|
silverjam
n00b
Joined: 03 Sep 2004
Posts: 70
Location: Haslev, Denmark
|
| Posted: Mon Oct 25, 2004 3:45 pm Post subject: |
|
|
Ok. I just tried to do this:
sudo -u qmailq ./test.pl
With this, I get the output 'qmailq'. Now: What's the difference between that situation and setting the 's' bit on the file?
...and how can I check if the 's' bit part of my filesystem (Ext3) is broken?
Again: It works fine on RedHat, but not on Gentoo (the 's' bit), and it's driving me absolutely crazy....
~Morten  |
|
| Back to top |
|
|
|
Networking & Security
