Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!qns3.qns.net!imci4!newsfeed.internetmci.com!news.mathworks.com!fu-berlin.de!informatik.tu-muenchen.de!Germany.EU.net!Dortmund.Germany.EU.net!interface-business.de!usenet From: j@ida.interface-business.de (J Wunsch) Newsgroups: comp.unix.bsd.bsdi.misc,comp.unix.misc,comp.programming Subject: Re: Perl Script Permissions Date: 26 Aug 1996 09:33:06 GMT Organization: interface business GmbH, Dresden Lines: 35 Message-ID: <4vrr0i$7k8@innocence.interface-business.de> References: <321E1027.58DB@he.net> Reply-To: joerg_wunsch@interface-business.de (Joerg Wunsch) NNTP-Posting-Host: ida.interface-business.de X-Newsreader: knews 0.9.6 X-Phone: +49-351-31809-14 X-Fax: +49-351-3361187 X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F 93 21 E0 7D F9 12 D6 4E Xref: euryale.cc.adfa.oz.au comp.unix.bsd.bsdi.misc:4708 comp.unix.misc:24772 comp.programming:27879 ShadowTech Enterprises <shadow@he.net> wrote: (Btw., your message is what i consider `close to be unreadable'. One large blurb of text is not what people invites to read about your problem.) > directories are modified. What I am weak on, is the access > permission structure of the BSD/OS system I am running on. The > script runs fine for 'cd' using the 'chdir' perl command, and but > when I try to implement 'chmod' using the perl command 'chmod' or a > 'system' call or by using backticks I do not get any result other > than a permission denied error for the perl command... Perhaps you can elaborate more? Since all this happens under your account, from a Unix point of view, all files belong to you. You are not even allowed to give away files to other user IDs. What might be your problem is that you are probably running a script called by the Web server. For security reasons, Webservers usually run under the UID of `nobody'. If this is your problem, suidperl might solve your problems, but if your system manager is paranoid, he hasn't installed it. :) (There has been a recent vulnerability report about suidperl, but there are indeed fixed versions that do also work. The trick is to *not* use the ``Posix saved ID model''.) With suidperl, you can make the script run on behalf of your identity. Naturally, you gotta be very careful with what you're allowing and what not. -- J"org Wunsch Unix support engineer joerg_wunsch@interface-business.de http://www.interface-business.de/~j