George Avrunin wrote:
On Fri, 16 Nov 2007 12:49:55 +0900 John Summerfield
<debian@xxxxxxxxxxxxxxxxxxxxxx> wrote:
I take it the script begins
#!/usr/bin/sperl
Change it to
#!/usr/bin/perl
and see what you see.
No, it begins
#!/usr/bin/perl
but it needs to run suid to access the backups.
[~] 11) l -lZ /var/www/cgi-bin/BackupPC/
-rwsr-x--- backuppc apache system_u:object_r:httpd_sys_script_exec_t:s0
BackupPC_Admin*
I think your phrase "fix properly" meas you need to learn how to write a
local policy to allow it.
This same script worked in FC6.
There's been some tension (to my mind at least) between Linux[1] (setuid
is ignored with scripts) and perl (stuff Linux, we're going to do
setuid scripts).
[1] I don't think Linux is alone here.
What I have done, in Debian and without selinux, where I want CGI to do
root stuff is to authorise it without passwords via sudo,
--
Cheers
John
-- spambait
1aaaaaaa@xxxxxxxxxxxxxxxx Z1aaaaaaa@xxxxxxxxxxxxxxxx
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375
Please do not reply off-list
