suid root - bash script
Shachar Shemesh
shachar at shemesh.biz
Thu Apr 23 14:13:07 IDT 2009
Noam Rathaus wrote:
> Hi Shachar,
>
> Thanks for the response.
>
> I am using here Debian 5.0 and I still get the problem even if I:
> 1) setuid the file to be setuid root
> 2) change the perl interpreter at the top of the script from perl to
> suidperl (they are the same symbloic link, but I tried it anyhow)
>
> So I guess something is wrong with my apache, or script, or both
>
On my Debian Lenny:
Installed perl-suid
Installed apache2
Put, in /usr/lib/cgi-bin, a file called "test" that read:
> #!/usr/bin/perl
>
> print "Content-Type: text/plain\n";
> print "\n";
>
> while(<>) {
> print $_;
> }
Changed owner to root and added suid.
From a broser, ran:
http://localhost/cgi-bin/test?%2fetc%2fshadow
Result: /etc/shadow was dumped to the browser window.
Shachar
--
Shachar Shemesh
Lingnu Open Source Consulting Ltd.
http://www.lingnu.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20090423/c3fcbe54/attachment.html>
More information about the Linux-il
mailing list