Suidperl problem

I am installing rt-3.0.2 on a redhat 8.0 machine. I have perl-5.8.0
installed from rpm and I have perl-suidperl installed from rpm. I have
all perl module dependencies met. I have rt running from the main http
server (not virtual server). Here are the pertinant parts of my
httpd.conf file:

LoadModule fastcgi_module modules/mod_fastcgi.so
FastCgiServer /usr/local/rt3/bin/mason_handler.fcgi
ScriptAlias / /usr/local/rt3/bin/mason_handler.fcgi

In my apache error_log file I get this:

[Tue May 06 17:15:15 2003] [notice] suEXEC mechanism enabled (wrapper:
/usr/local/apache2/bin/suexec)
[Tue May 06 17:15:15 2003] [notice] Digest: generating secret for digest
authentication …
[Tue May 06 17:15:15 2003] [notice] Digest: done
[Tue May 06 17:15:16 2003] [notice] FastCGI: process manager initialized
(pid 7627)
[Tue May 06 17:15:16 2003] [warn] FastCGI: server
"/usr/local/rt3/bin/mason_handler.fcgi" started (pid 7632)
[Tue May 06 17:15:16 2003] [notice] Apache/2.0.45 (Unix) DAV/2
mod_fastcgi/2.4.0 configured – resuming normal operations
Insecure dependency in require while running setgid at
/usr/local/rt3/lib/RT/I18N.pm line 82.
Compilation failed in require at /usr/local/rt3/bin/mason_handler.fcgi
line 28.
[Tue May 06 17:15:17 2003] [warn] FastCGI: server
"/usr/local/rt3/bin/mason_handler.fcgi" (pid 7632) terminated by calling
exit with status ‘255’

Since I have suidperl installed I would think this error would not
occur. Nonetheless it has. Any information would be appreciated.

Thank you.

Ben

Stupid question, but is the perl executable setuid?

chmod u+s /usr/bin/perl----- Original Message -----
From: “Benjamin Herbert” herbert@isis.visi.com
To: rt-users@lists.fsck.com
Sent: Wednesday, May 07, 2003 12:20 AM
Subject: [rt-users] suidperl problem

I am installing rt-3.0.2 on a redhat 8.0 machine. I have perl-5.8.0
installed from rpm and I have perl-suidperl installed from rpm. I have
all perl module dependencies met. I have rt running from the main http
server (not virtual server). Here are the pertinant parts of my
httpd.conf file:

LoadModule fastcgi_module modules/mod_fastcgi.so
FastCgiServer /usr/local/rt3/bin/mason_handler.fcgi
ScriptAlias / /usr/local/rt3/bin/mason_handler.fcgi

In my apache error_log file I get this:

[Tue May 06 17:15:15 2003] [notice] suEXEC mechanism enabled (wrapper:
/usr/local/apache2/bin/suexec)
[Tue May 06 17:15:15 2003] [notice] Digest: generating secret for digest
authentication …
[Tue May 06 17:15:15 2003] [notice] Digest: done
[Tue May 06 17:15:16 2003] [notice] FastCGI: process manager initialized
(pid 7627)
[Tue May 06 17:15:16 2003] [warn] FastCGI: server
"/usr/local/rt3/bin/mason_handler.fcgi" started (pid 7632)
[Tue May 06 17:15:16 2003] [notice] Apache/2.0.45 (Unix) DAV/2
mod_fastcgi/2.4.0 configured – resuming normal operations
Insecure dependency in require while running setgid at
/usr/local/rt3/lib/RT/I18N.pm line 82.
Compilation failed in require at /usr/local/rt3/bin/mason_handler.fcgi
line 28.
[Tue May 06 17:15:17 2003] [warn] FastCGI: server
"/usr/local/rt3/bin/mason_handler.fcgi" (pid 7632) terminated by calling
exit with status ‘255’

Since I have suidperl installed I would think this error would not
occur. Nonetheless it has. Any information would be appreciated.

Thank you.

Ben


rt-users mailing list
rt-users@lists.fsck.com
http://lists.fsck.com/mailman/listinfo/rt-users

Have you read the FAQ? The RT FAQ Manager lives at http://fsck.com/rtfm

“CK” == Chris Knipe savage@savage.za.org writes:

CK> Stupid question, but is the perl executable setuid?
CK> chmod u+s /usr/bin/perl

that is a BAD thing to do. setuid perl is a separate thing!