RES: apache mod_perl + suid question

>Insecure dependency in `` while running with -T switch at
>/usr/sbin/usermod_wrapper.pl line 27

These means that you can't use ``. You need to use system command.

$command = "/path/you/need";

system($command);

All the additional vars need to be passed through vars :

$var1 = "login";
$var2 = "password":

system($command,$var1,$var2);

If it does not run under -T switch, will not run in mod_perl.

>So to get over this problem, I should chown "apachectl" to
>the Apache group ?

No.

>And secondly, if I am running Apache as non-root, then I
>will have to use the "system" command ? I cannot use
>the $ret = `$wrapper` command. Is this true ?

Even running apache as root, you need to follow the tainted mode rules.

Regards,

Vitor


-----Original Message-----
From: Vitor [mailto:vsmori@xxxxxxxxxx]
Sent: Friday, July 26, 2002 8:31 PM
To: pandit_tushar@xxxxxxx; modperl@xxxxxxxxxxxxxxx
Subject: RES: apache mod_perl + suid question


Tushar,

It's not recommeded to run apache as root. (Security issues).

I have some applications that uses system command under mod_perl without
problems.

Try to execute you wrapper script in command line. Execute it with
/usr/bin/perl -T (tainted mode), that checks if your script is safe. If you
got error results, you will know why it's not working.

$ret = `$wrapper` , also should work in you configuration (running apache as
root).

Regards,

Vitor

-----Mensagem original-----
De: pandit_tushar@xxxxxxx [mailto:pandit_tushar@xxxxxxx]
Enviada em: sexta-feira, 26 de julho de 2002 20:13
Para: vsmori@xxxxxxxxxx; modperl@xxxxxxxxxxxxxxx
Assunto: RE: apache mod_perl + suid question


Thanks Vitor...

I have something very similar to what you mention below..only
that I am taking the username and passwd from the apache gui.
Then I encrypt the passwd and send that to wrapper(i.e. suid_file)
script.
So I have something like system($wrapper), where $wrapper =
suid_file.pl "encrupted passwd" "username".

I changed the suid_file to 4750 and have the ownership and
group as root,root. I am also runing Apache as root. I don't
have httpd as a user or group. Do I need to ?
Also do I need to use the ystem command, can't I just do
$ret = `$wrapper` ?

thanks.

-Tushar


-----Original Message-----
From: Vitor [mailto:vsmori@xxxxxxxxxx]
Sent: Friday, July 26, 2002 7:04 PM
To: pandit_tushar@xxxxxxx; modperl@xxxxxxxxxxxxxxx
Subject: RES: apache mod_perl + suid question


Hello Tushar,

Try this :

$suid_file = "file_path/suidfile.pl";

$user = "nobody";

$passwd = "kdsak";

(system($suid_file,$user,$$passwd))
or die "Error in suid operation $! ";

Note that suid_file need the following commands :

- chmod 4750
- chown root:httpd

Regards,

Vitor



-----Mensagem original-----
De: pandit_tushar@xxxxxxx [mailto:pandit_tushar@xxxxxxx]
Enviada em: sexta-feira, 26 de julho de 2002 19:41
Para: modperl@xxxxxxxxxxxxxxx
Assunto: apache mod_perl + suid question



Hello,

I am trying to write a password changing program. For this I have a mod_perl
subroutine
from where I am trying to execute a perl script(with suid permissions 4711),
which is a wrapper and
in turn calls the usermod command on linux with the old and new passwords.
The problem I am having:
1: The usermod command doesn't get executed. I have tried debugging
this...by having a log
file(/usr/local/apache/logs) and the mod_perl process does open the wrapper
script..but then does
nothing. It does not  execute the command. What am I doing wrong ? I know
there might be some
quirks with suid permissons and I would like to know how can I overcome
this.
I have something like below from mod_perl subroutine:

my $ret_val = `$wrapper`;

Within the wrapper perl script, I call usermond with the passwds by doing:
$ret = `$usermondcmd 2>&1`


Any help would be much appreciated.

thanks a lot.

-Tushar