[Techtalk] apache switching users to not nobody
Michelle Murrain
tech at murrain.net
Mon Dec 10 23:05:43 EST 2001
At 09:54 PM 12/10/2001, Laurel Fan wrote:
>[1]. background: a process has both a real user ID and an effective
>user ID (it also has a saved user ID, but we won't go into that here.)
>Normally, these are the same, and correspond to the user who started
>the process. When running a setuid program (ie. one that has the
>setuid bit set in its file permissions), the real user ID is set to
>the user who started the process, and the effective user ID is set to
>the user who owns the setuid program. The process is supposed to act
>like the effective user; it can open the effective user's files, etc.
Is there a good tutorial or howto out there on setuid? I've been struggling
with this for web perl scripting - and I can't seem to find a good
straightforward explanation of how to manipulate this. The camel book
doesn't even have one.
.Michelle
---------------------------------------
Michelle Murrain, Ph.D.
tech at murrain.net
AIM:pearlbear0
http://www.murrain.net/ for pgp public key
More information about the Techtalk
mailing list