Received: with ECARTIS (v1.0.0; list gopher); Sat, 30 Jun 2007 09:09:38 -0500 (CDT) Received: from floodgap.com ([66.159.214.137] ident=elvis) by glockenspiel.complete.org with esmtp (Exim 4.63) id 1I4ddo-0008SH-1C for gopher@complete.org; Sat, 30 Jun 2007 09:09:37 -0500 Received: (from spectre@localhost) by floodgap.com (6.6.6.666.1/2007.01.03) id l5UE9ZBY015354 for gopher@complete.org; Sat, 30 Jun 2007 07:09:35 -0700 From: Cameron Kaiser Message-Id: <200706301409.l5UE9ZBY015354@floodgap.com> Subject: [gopher] Re: Bucktooth questions In-Reply-To: <20070630062739.GB5388@pongonova.net> from "brian@pongonova.net" at "Jun 30, 7 01:27:39 am" To: gopher@complete.org Date: Sat, 30 Jun 2007 07:09:35 -0700 (PDT) X-Mailer: ELM [version 2.4ME+ PL39 (25)] MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 8bit X-Spam-Status: No (score 0.0): AWL=0.007 X-Virus-Scanned: by Exiscan on glockenspiel.complete.org at Sat, 30 Jun 2007 09:09:37 -0500 X-archive-position: 1632 X-ecartis-version: Ecartis v1.0.0 Sender: gopher-bounce@complete.org Errors-to: gopher-bounce@complete.org X-original-sender: spectre@floodgap.com Precedence: bulk Reply-to: gopher@complete.org List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: Gopher X-List-ID: Gopher List-subscribe: List-owner: List-post: List-archive: X-list: gopher > Well, finally got around to setting up Bucktooth. Right now I'm > testing on an iBook, but will end up running everything on a Linux > box. I'm running under xinetd as user "www". I had to make the > following mods to buckd to get things to work under setgid: > > 1. Remove the perl -s flag from the #! line (can't run this under > setgid) > 2. Untaint $ENV{PATH}, $dinfo, and $request (otherwise, the exec calls > in &mole wouldn't execute without errors) > > Just curious if anyone else had to do this, or if it's just some Mac > weirdness. This is new to me. Perl version? (5.8.6 I assume if you're on 10.4) Exact errors? I wonder if there's something odd about your configuration, because tainting should only be a factor if you're running as root. Also, I'm not sure where PATH is getting involved since exec() is getting passed an absolute filespec, unless I've missed a way it can get there without being validated. I do not claim to write bug-free code :) -- ------------------------------------ personal: http://www.cameronkaiser.com/ -- Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckaiser@floodgap.com -- If the cops know where Heisenberg is, can he be caught speeding? -----------