 | | | Question about suid on Redhat 7.3 | Question about suid on Redhat 7.3 2002-08-28 - By Web Admin Team
Back
Here is the question.
I create a shell script (script.bash), chown user1:user1
script.bash; chmod u+s script.bash; then execute it. It
doesvalhalla-list@(protected)
not appear to execute as user1. (Script just does "mail $1 <
$2 ", where $1 is person I want to send mail to, and $2 is the
file containing the message. But - does not send mail as if it
were user1, it sends the mail as me.
So...I see after searching that perhaps Linux has disabled
suid for shell scripts. Therefore, I create a C program:
#include <stdlib.h >
main()
{
setuid(503); /* Assume 503 is the uid of user1 */
system( "mail me@(protected) < /tmp/jk "); /* Assume me@(protected)
is valid test address */
}
Then I do gcc prog.c -o prog; chown user1:user1 prog; chmod u+s prog;
Then I execute prog. Does the mail show as being sent by
user1? Nope - shows as being sent by me.
So what the heck?
On unix systems I have used these should work. So what is up
with RedHat 7.3 that I cannot get either a script or a program
to act as a suid in this case?
Reason I need this - in my Apache web site sometimes I need to
respond to user input by sending them an email. That works
fine, but it sends it as user Apache. I want to send it as a
different user. Thought I would just use a suid script to do
that, but no go. So - in the specific case, why is this not
working? And in the general case, is there an alternative
approach that I can have my httpd process send an email as a
user other than Apache (i.e., something like 'CustomerService '). ???
Thanks,
webteam@(protected)
|
|
|