Search Results

Search found 82 results on 4 pages for 'setuid'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 2/4 | < Previous Page | 1 2 3 4  | Next Page >

  • Strict security and virtual host isolation with Nginx?

    - by Hach-Que
    I currently have an Apache web server set up under which each virtual host is isolated using HTTPD-ITK and the AppArmor module. Each virtual host's workers are setuid/setgid by the server and are then placed in an AppArmor profile. I'm looking to use Nginx but I can't find any documentation on setting it up so that rather than the worker processes being shared between all virtual hosts, worker processes are per virtual host (and thus can be setuid / setgid). Is there any way to do this under Nginx?

    Read the article

  • Ubuntu sudo not working

    - by Ron Sebastian
    I wanted to move a file to a /usr/python2.7/ but i was unable to do so, so i changed the permissions of /usr to myuser: sudo chown -R ***** /usr it worked but i realised it was a blunder when sudo stopped working after that. It says: sudo: effective uid is not 0, is sudo installed setuid root? I have seen this post where the accepted solution was to use the policykit: pkexec chown root:root /usr/bin/sudo pkexec chmod 4755 /usr/bin/sudo however, even the policykit is saying that: pkexec must be setuid root please help, i've learned a lesson and will never change permissions for /usr again. Please help me this time!

    Read the article

  • xinet vs iptables for port forwarding performance

    - by jamie.mccrindle
    I have a requirement to run a Java based web server on port 80. The options are: Web proxy (apache, nginx etc.) xinet iptables setuid The baseline would be running the app using setuid but I'd prefer not to for security reasons. Apache is too slow and nginx doesn't support keep-alives so new connections are made for every proxied request. xinet is easy to set up but creates a new process for every request which I've seen cause problems in a high performance environment. The last option is port forwarding with iptables but I have no experience of how fast it is. Of course, the ideal solution would be to do this on a dedicated hardware firewall / load balancer but that's not an option at present.

    Read the article

  • xinet vs iptables for port forwarding performance

    - by jamie.mccrindle
    I have a requirement to run a Java based web server on port 80. The options are: Web proxy (apache, nginx etc.) xinet iptables setuid The baseline would be running the app using setuid but I'd prefer not to for security reasons. Apache is too slow and nginx doesn't support keep-alives so new connections are made for every proxied request. xinet is easy to set up but creates a new process for every request which I've seen cause problems in a high performance environment. The last option is port forwarding with iptables but I have no experience of how fast it is. Of course, the ideal solution would be to do this on a dedicated hardware firewall / load balancer but that's not an option at present.

    Read the article

  • Workaround broken sudo?

    - by perreal
    I managed to break sudo by deleting the libc.so.6 sym-link in /lib. I copied the actual file and created a symbolic link with the same name under my home directory by using LD_PRELOAD=/lib/libc-2.11.3.so. At this point, all binaries linking libc are working through preload except sudo. For sudo, I need to write (and don't know why): $ /lib/ld-linux-x86-64.so.2 --library-path . /usr/bin/sudo but this gives me: $ sudo: must be setuid root Checking the permissions: $ ls -l /usr/bin/sudo $ -rwsr-xr-x 2 root root 166120 So the setuid bit is actually set. Question: I need to create a symbolic link named /lib/libc.so.6 through my active ssh connection without using sudo, or, make sudo work somehow. I don't have the root password and I can't connect through ssh anymore. Is there any other way I can get authorization?

    Read the article

  • Can't access any functions after chown command.

    - by explorex
    I am not being to access any functions in my desktop and I don't have an OS besides Ubuntu and I am new to Ubuntu. I think I rebooted my computer thinking that Google Chrome crashed. I opened Google Chrome but it showed opening message but never opened so I restarted my computer. and when my system was loading (I was playing with keyboard dont know what I typed) and when by Ubuntu loaded, I was unable to access anything some of characteristics are listed below: I cannot hear any sound I cannot access wired ethernet connection on the right corner where I usually enable to access internet and I have no internet. There is no local apache server either. when ever I try to start apacer I get setuid must be root or something. When I type sudo then I get message setuid must be root. I cannot access orther external storage devices like pendrive and portable hard drive and cannot mount my other drives with FAT32 filesystem. When I try to start my apache webserver with out typing sudo then I get message cannnot open socket or something like it. I remember also doing command chown -R www-data / earlier and got error message I cannot shutdown my computer, it only logs off

    Read the article

  • not being able to access any sudo function on my pc

    - by explorex
    Hi, I am not being to access any functions in my desktop and I don't have an OS besides Ubuntu 10.04 Lucid Linux and I am new to ubuntu. I think I rebooted my computer thinking that Google Chrome crashed. I opened Google Chrome but it showed opening message but never opened so I restarted my computer. and when my system was loading ('i was playing with keyboard dont know what I typed') and when by ubutnu loaded, I was unable to access anything some of characteristics are listed below I cannot hear any sound I cannot access wired ethernet connection on the right corner where I usually enable to access interne and I have no internet. There is no local apache server either. when ever I try to start apacer I get setuid must be root or something. When I type sudo then I get message setuid must be root. I cannot access orther external storage devices like pendrive and portable hard drive and cannot mount my other drives with FAT32 filesystem. When I try to start my apache webserver with out typing sudo then I get message cannnot open socket or something like it. EDIT:: i remember also doing command chown -R www-data / earlier and got error message EDIT:: and i cannot shutdown my computer, it only logs off

    Read the article

  • problem injecting Sessionscoped bean in Managed bean

    - by user310852
    I have a Session scoped bean @SessionScoped public class UserData implements Serializable { private String uid; public String getUid() { return uid; } public void setUid(final String uid) { this.uid = uid; } I'm setting a value in a SessionScoped bean in my stateless session bean public void setOperator(final Operator operator) { userData.setUid(operator.getId()); } When I try to get the object with @Inject I only get null @ManagedBean(name = "RoleController") @SessionScoped public class RoleController { ... @Inject private UserData userData; ... public UserData getUserData() { System.out.println("ID"); System.out.println(userData.getUid()); I have a bean.xml

    Read the article

  • CGI, python, and setgid

    - by user331398
    I'm running a compiled python cgi script (using cxfreeze) in Apache. The script, among other things, calls os.setuid(some_uid) os.setgid(some_gid) Obviously some_uid/gid are legal and I set the sticky bit for both user and group, and verified it is indeed set. However on every call i get an error os.setgid(int(self.gid)) OSError: [Errno 1] Operation not permitted As you may notice, setuid() is successful, setgid is not. Which is very weird, at least for me, though I admit I have little experience with permissions in Linux. Any thoughts/ideas are welcome. I'm using apache 2.2.15, python 2.6.5, RHEL 5.4 (kernel 2.6.18) Thank you

    Read the article

  • can't mount ntfs partition without root access

    - by tachyons
    whenever try to mount ntfs partition it says Error mounting: mount exited with exit code 1: helper failed with: Unprivileged user can not mount NTFS block devices using the external FUSE library. Either mount the volume as root, or rebuild NTFS-3G with integrated FUSE support and make it setuid root. Please see more information at http://tuxera.com/community/ntfs-3g-faq/#unprivileged I tried this answer but it wont work

    Read the article

  • Error mounting an external HDD

    - by Slash
    I want to mount an external HDD.I have tried many things but still no success.When i try to mount it from Disk Utility i get this error: Error mounting: mount exited with exit code 1: helper failed with: Unprivileged user can not mount NTFS block devices using the external FUSE library. Either mount the volume as root, or rebuild NTFS-3G with integrated FUSE support and make it setuid root. Please see more information at tuxera.com/community/ntfs-3g-faq/#unprivileged

    Read the article

  • I have this code .... Ethical Hacking

    - by kmitnick
    hello folks, I am following this EBook about Ethical Hacking, and I reached the Linux Exploit Chapter, this is the code with Aleph's 1 code. //shellcode.c char shellcode[] = //setuid(0) & Aleph1's famous shellcode, see ref. "\x31\xc0\x31\xdb\xb0\x17\xcd\x80" //setuid(0) first "\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b" "\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\x31\xdb\x89\xd8\x40\xcd" "\x80\xe8\xdc\xff\xff\xff/bin/sh"; int main() { //main function int *ret; //ret pointer for manipulating saved return. ret = (int *)&ret + 2; //setret to point to the saved return //value on the stack. (*ret) = (int)shellcode; //change the saved return value to the //address of the shellcode, so it executes. } I give this the super user privileges, with chmod u+s shellcode as a super user, then go back to normal user with su - normal_user but when I run ./shellcode I should be a root user but instead I still be normal_user so any help?? btw I am working on BT4-Final, I turned off the ASLR, and running BT4 in VMWare...

    Read the article

  • Process limit for user in Linux

    - by BrainCore
    This is the standard question, "How do I set a process limit for a user account in Linux to prevent fork-bombing," with an additional twist. The running program originates as a root-owned Python process, which then setuids/setgids itself as a regular user. As far as I know, at this point, any limits set in /etc/security/limits.conf do not apply; the setuid-ed process may now fork bomb. Any ideas how to prevent this?

    Read the article

  • nocheck within admin file for pkgadd still asks questions

    - by romant
    I place the following into an admin file called noask mail= instance=overwrite partial=nocheck runlevel=nocheck idepend=nocheck rdepend=nocheck space=nocheck setuid=nocheck conflict=nocheck action=nocheck basedir=default Then run pkgadd -a noask -d sed-4.1.5-sol10-x86-local - yet am still queried for: 'Select package(s) you wish to process' Is there a way around the questioning without doing an "echo yes" at the front? Thank you

    Read the article

  • Permit any user to mount any CIFS share

    - by A.K
    Essentially, I want the Ubuntu pre-10.10 behaviour back. The setuid method (see notes) does not work anymore. I search a lot on the Internet, but I haven't found a satisfying solution. I have read a solution that involves editing the sudoers file (ALL ALL=NOPASSWD:/sbin/mount.cifs). But then, the users would also be able to specify a directory as a mount-point they normally would not have access to, right? This is not what I want.

    Read the article

  • according root permission to www-data

    - by user2478348
    i have a perl script dhcpmanip.pl which contain this line: system "hostapd /etc/hostapd-1.0/hostapd/hostapd.conf " it's a command to start hostapd!and i get this error : Insecure $ENV{PATH} while running setuid at /var/www/cgi-bin/dhcpmanip.pl line 46 After searching on the net i realised that i should accord root permission to www-data user (apache user) then i tried to modify the file /etc/sudoers by inserting this line : www-data ALL=NOPASSWD: /var/www/cgi-bin/dhcpmanip.pl but it still not working...does anyone have any idea about how solving this problem??thx alot

    Read the article

  • How do you set the default user in Linux for file creation?

    - by Not a Name
    I want to create a directory, for example: /public/all But I want it so that if you create a file in all, the owner is root, but anyone with access to the /public/all folder can delete/edit/etc the file, just not change the permissions. (I will use a self-created "setx" application to change the execute value if needed.) Reason for this, I don't want you to be able to deny other users write/read access to files in /public/all. I heard setuid on directories doesn't work for that.

    Read the article

  • Revert permission of /usr back to root

    - by Rodrigo Sasaki
    I was doing some alterations but in one I messed up. I changed the permissions of almost everything inside the /usr folder to my own user. It didn't change everything because it failed in the middle of the execution, I still have /sbin, /share and /src assigned to root. the command I ran was this (this was executed while inside /usr): sudo chown -R myuser:myuser . Is there any way for me to revert this? If I run: sudo chown -R root:root . I get this error: sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set

    Read the article

  • Printing with Lacie Lightscribe requires root privileges

    - by James
    I have installed Lacie Lightscribe software on Ubuntu 12.04. Everything seems to be fine, the drive is detected, the proper media is detected, but when I click print I get the message "Printing Requires Root Privileges". I am the main (administrator) account on this computer, part of the sudo group and I cannot seem to find an answer to this dilemna in plain english. I've seen some apparently relevant posts which say things like "check whether the files /usr/4L/4L-gui and /usr/4L/4L-cli have any setuid-bits set. If so, remove them" but I need more detailed step-by-step instructions than that, please. Is there anyone who knows how to solve this?

    Read the article

  • I have lost sudo privileges in Ubuntu 13.04 [duplicate]

    - by Fredca
    This question already has an answer here: How do I add myself back as a sudo user? 3 answers I have lost sudo privileges in Ubuntu 13.04 these are the responses I get user@user-desktop:~$ sudo sudo: effective uid is not 0, is sudo installed setuid root? user@user-desktop:~$ groups user user : user adm cdrom sudo dip plugdev lpadmin sambashare user@user-desktop:~$ su user Password: su: Authentication failure user@user-desktop:~$ who am i user pts/0 2013-10-24 08:54 (:0.0) user@user-desktop:~$ why can't I invoke sudo if one of my groups is sudo? also I have noticed that /etc/sudoers needs sudo privileges. sudoers.so doesn't exist in /usr/lib but does in /usr/lib/sudo is this correct in 13.04? Please note that the user is already a member of both sudo and adm groups.

    Read the article

  • Why does nothing work after I randomly changed some file permissions?

    - by Josh B
    Ok so last night i was trying to set permissions to some folders in my File System, since apparently im not an admin on my own computer. And now everything got messed up today and i don't know what to do.. I lost my internet, the icon is not showing in the taskbar anymore. I lost my sound, there is no sound devices listed when i go into the sound menu. I can not log into root anymore, it gives me "sudo: must be setuid root" I can not plug anything in anymore, it will not recognize flash drives or external hard drives. It gives me a Internal Error message everytime i log in It doesn't let me log into the Grub screen anymore on boot up. What did i do? I have a lot of files on here i wish to put on a flash drive but it won't recognize it.

    Read the article

  • Process limit for user in Linux

    - by BrainCore
    This is the standard question, "How do I set a process limit for a user account in Linux to prevent fork-bombing," with an additional twist. The running program originates as a root-owned Python process, which then setuids/setgids itself as a regular user. As far as I know, at this point, any limits set in /etc/security/limits.conf do not apply; the setuid-ed process may now fork bomb. Any ideas how to prevent this?

    Read the article

  • OpenSUSE Yast permissions for user

    - by pajton
    I have an OpenSUSE 11.4 box with Kde 4.6. I am currently working to create a sandbox environment for the user, let's call hime bob. Bob isn't allowed to do much in the system, but I'd like to let him configure certain things in yast. I have dektop shortcuts for particular yast modules, e.g. the shortcut executes xdg-su -c "/sbin/yast2 lan" to launch yast lan configuration. Now, I do not want Bob to have to enter password to launch this configuration (just please don't tell me it's insecure - I know this, in this particular setting it is going to be OK). I wanted to do this with setuid, but obiously setting it on *.desktop shortcut doesn't work. There is sudo approach, but I would have to allow Bob to use all yast modules. So, is there anything more fine-grained to set the permissions for exact yast modules? Thanks in advance!

    Read the article

  • I can't run uwsgi as normal user

    - by atomAltera
    I want to run uwsgi server as www user, but if I write: uwsgi --socket $SOCKET --chmod-socket 666 --pidfile $PIDFILE --daemonize $LOGFILE --chdir $CHDIR --pp $PYTHONPATH --module main --post-buffering 8192 --workers 1 --threads 10 --uid www --gid www A socket creation error occurs: Log: 1 *** Starting uWSGI 1.4.1 (64bit) on [Mon Dec 10 22:15:23 2012] *** 2 compiled with version: 4.4.5 on 17 November 2012 23:31:14 3 os: Linux-2.6.32-5-amd64 #1 SMP Sun Sep 23 10:07:46 UTC 2012 4 nodename: autoblog 5 machine: x86_64 6 clock source: unix 7 pcre jit disabled 8 detected number of CPU cores: 2 9 current working directory: / 10 writing pidfile to /tmp/uwsgi_mysite.pid 11 detected binary path: /usr/local/bin/uwsgi 12 setgid() to 1002 13 set additional group 1004 (files) 14 setuid() to 1002 15 *** WARNING: you are running uWSGI without its master process manager *** 16 your memory page size is 4096 bytes 17 detected max file descriptor number: 1024 18 lock engine: pthread robust mutexes 19 unlink(): Operation not permitted [core/socket.c line 109] 20 bind(): Address already in use [core/socket.c line 141]

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3 4  | Next Page >