Hi all,
I have been trying to run some perl scripts via sendail, and had varing degrees of success in the past (using earlier versions of sendmail) but have never managed to get it working just right.
having recenty upgraded my box (FreeBSD 4.7-RELEASE) i have encountered further problems (suid/guid & insecure scripts) with the new version of sendmail (8.12.6) that comes with the base-install.
Basically i have changed my config so many times in the past, just to get a script to run, that now i am unsure of what i need to do to get it to work with 8.12.6!
I have tried many configs of my own and from the net, but again only managed to get some scripts to run without errors, and again, many changes have been made in haist and then forgotten about, so, i would be very greatefull is anybody could post a definitive list of "things that need to be changed/set to enable sendmail to run perl scripts 'securly'" like file permissions for /bin/sh & scripts, wrappers, and dirs..., sendmail config options.., do's and don'ts in the script..etc that sort of thing.
I am currently using the 'c-wrapper' method to execute scripts, one or two work (w/suid not set), the others fail (with or w/o suig/guid set) with "Insecure dependency in system while running setuid at /usr/scripts/.myScript.pl line 43, <FILE> chunk 8.". I am realy at a loss and about to start pullng my hair out, so ANY help would be appreciated.
Thanks in advance,
JayBot![[sad]](/data/assets/smilies/sad.gif "[sad] [sad]")
"Always know what you say, but don't always say what you know!"
I have been trying to run some perl scripts via sendail, and had varing degrees of success in the past (using earlier versions of sendmail) but have never managed to get it working just right.
having recenty upgraded my box (FreeBSD 4.7-RELEASE) i have encountered further problems (suid/guid & insecure scripts) with the new version of sendmail (8.12.6) that comes with the base-install.
Basically i have changed my config so many times in the past, just to get a script to run, that now i am unsure of what i need to do to get it to work with 8.12.6!
I have tried many configs of my own and from the net, but again only managed to get some scripts to run without errors, and again, many changes have been made in haist and then forgotten about, so, i would be very greatefull is anybody could post a definitive list of "things that need to be changed/set to enable sendmail to run perl scripts 'securly'" like file permissions for /bin/sh & scripts, wrappers, and dirs..., sendmail config options.., do's and don'ts in the script..etc that sort of thing.
I am currently using the 'c-wrapper' method to execute scripts, one or two work (w/suid not set), the others fail (with or w/o suig/guid set) with "Insecure dependency in system while running setuid at /usr/scripts/.myScript.pl line 43, <FILE> chunk 8.". I am realy at a loss and about to start pullng my hair out, so ANY help would be appreciated.
Thanks in advance,
JayBot
"Always know what you say, but don't always say what you know!"