Error-Insecure dependency at line x while running setuid

  • akaash
  • Beginner
  • Beginner
  • akaash
  • Posts: 62
  • Loc: Gujurat,India

Post 3+ Months Ago

I am constantly getting the error:

"Insecure dependency at line x while running setuid"

while running a cgi script. I think that this is due to some problem in chmod of the script.

my script is having the permission -rwsr-xr-x and owner is "root" and group is also "root". Now i am trying to access a file called /home/temp1/mail/saved-messages. I am creating an Mail::Folder object to this file . The file is accessed anyway but the problem occurs when i try to destroy the object by calling $myobject->close where close is the method of that object. When I try to do this the error occurs . What to do?

I am stuck up here from 2 days. please help me out...
aakaash.
  • _Leo_
  • Proficient
  • Proficient
  • User avatar
  • Posts: 279
  • Loc: Buenos Aires, Argentina

Post 3+ Months Ago

Do you REALLY need to run a Perl script root setuid?

I won't recommend that. It's certainly not a secur practice, besides Perl takes some measures while running setuid.
  • akaash
  • Beginner
  • Beginner
  • akaash
  • Posts: 62
  • Loc: Gujurat,India

Post 3+ Months Ago

yes i have to otherwise it will not be able to access the /home/temp/mail/saved-messeges file.
  • Managedlinks
  • Proficient
  • Proficient
  • Managedlinks
  • Posts: 294

Post 3+ Months Ago

If Your script is running from a web browser then it wont get the root permissions you speak of it well get the permissions that the server uses which is probably 'nobody'

when your script runs it is tainted and will not execute potentially harmful commands such as deleting a file, or creating a new one

one possible way around this problem is to change the permissions to 4755 instead of 0755 the script will then execute with the owners permissions.

BUT BE WARNED if the script is unsafe you can do terrible damage to your web server, particularly as the owner is root.

Don't do it unless you know exactly what you are doing and that any third party scripts you are using are safe.
  • _Leo_
  • Proficient
  • Proficient
  • User avatar
  • Posts: 279
  • Loc: Buenos Aires, Argentina

Post 3+ Months Ago

Thats right, you should modify permissions on the file you are trying to reach from the webserver. I didn't realize of the CGI thing :)

Post Information

  • Total Posts in this topic: 5 posts
  • Users browsing this forum: No registered users and 76 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.