Received: with ECARTIS (v1.0.0; list gopher); Sat, 30 Jun 2007 09:43:36 -0500 (CDT) Received: from floodgap.com ([66.159.214.137] ident=elvis) by glockenspiel.complete.org with esmtp (Exim 4.63) id 1I4eAg-0000Wu-TH for gopher@complete.org; Sat, 30 Jun 2007 09:43:36 -0500 Received: (from spectre@localhost) by floodgap.com (6.6.6.666.1/2007.01.03) id l5UEhZpc017452 for gopher@complete.org; Sat, 30 Jun 2007 07:43:35 -0700 From: Cameron Kaiser Message-Id: <200706301443.l5UEhZpc017452@floodgap.com> Subject: [gopher] Re: Bucktooth questions In-Reply-To: <20070630134015.GA6348@pongonova.net> from "brian@pongonova.net" at "Jun 30, 7 08:40:15 am" To: gopher@complete.org Date: Sat, 30 Jun 2007 07:43:34 -0700 (PDT) X-Mailer: ELM [version 2.4ME+ PL39 (25)] MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 8bit X-Spam-Status: No (score 0.0): AWL=0.007 X-Virus-Scanned: by Exiscan on glockenspiel.complete.org at Sat, 30 Jun 2007 09:43:36 -0500 X-archive-position: 1634 X-ecartis-version: Ecartis v1.0.0 Sender: gopher-bounce@complete.org Errors-to: gopher-bounce@complete.org X-original-sender: spectre@floodgap.com Precedence: bulk Reply-to: gopher@complete.org List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: Gopher X-List-ID: Gopher List-subscribe: List-owner: List-post: List-archive: X-list: gopher > > > Well, finally got around to setting up Bucktooth. Right now I'm > > > testing on an iBook, but will end up running everything on a Linux > > > box. I'm running under xinetd as user "www". I had to make the > > > following mods to buckd to get things to work under setgid: > > It's not your code (but forcing it to run under taint mode might be a > good idea). It's just Perl saying "Hey, in case you didn't realize > it, I'm running this in taint mode, even though you didn't specify -T, > and you'll have to live with it." Living with "it" means doing things > like untaininting $ENV{PATH} (even if it's not used -- a requirement > when calling exec(), because an exec'd() process would have access to > whatever is in $ENV{PATH}). Nothing personal, but I do know what taint mode is :) however, what I don't understand is how you're running it taint since, frankly, I haven't tested it in that environment (obviously). If you're running it as www, unless you're running it under something other than inetd or xinetd, I'm not sure how it's getting invoked. How are you running it? -- ------------------------------------ personal: http://www.cameronkaiser.com/ -- Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckaiser@floodgap.com -- As a computer, I find your faith in technology amusing. --------------------