I'm writing a CGI script in UNIX that needs to be able to read the contents of a directory /foo/bar on the server. The problem I'm running into is the 'nobody' user doesn't have permission to read /foo/bar.
# This doesn't work...
my @configs_glob = glob("/foo/bar/*.ini");
# Permissions of /foo/bar directory...
drwxrwsr-x
My attempted solution was to have a little "listdir" script with SUID set, so "listdir" would execute as the owner of /foo/bar, thereby having permission to read /foo/bar.
# This is my attempted solution...
my @configs_glob = `listdir '/foo/bar/*.ini'`;
# Contents of "listdir" script...
directory=$1
ls $directory
# Permissions of "listdir" are: -rwsr-xr-x
# Owner of "listdir" is same as owner of /foo/bar
If I throw a little "whoami" command in the "listdir" script, it returns 'nobody'. My knowledge of SUID must be lacking. Any help?
# This doesn't work...
my @configs_glob = glob("/foo/bar/*.ini");
# Permissions of /foo/bar directory...
drwxrwsr-x
My attempted solution was to have a little "listdir" script with SUID set, so "listdir" would execute as the owner of /foo/bar, thereby having permission to read /foo/bar.
# This is my attempted solution...
my @configs_glob = `listdir '/foo/bar/*.ini'`;
# Contents of "listdir" script...
directory=$1
ls $directory
# Permissions of "listdir" are: -rwsr-xr-x
# Owner of "listdir" is same as owner of /foo/bar
If I throw a little "whoami" command in the "listdir" script, it returns 'nobody'. My knowledge of SUID must be lacking. Any help?
