-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

setuid

Setuid is a UNIX command which allows you to change the identification of a current user to another identification. Using a setuid bit, which is found in UNIX files, the system can be set so that a program will run with the permission of the owner, whether or not the owner invoked the program. This is used as a convenience to allow ordinary users to perform tasks that otherwise would be limited to a system administrator, or super-user. You will find that discussion of setuid on newsgroups normally has to do with the security risk that can be created by setuid. The potential for misuse arises from the opportunity for an ordinary user to assume root privileges in areas where he does not have authorized access.

URLs:

Apache Secure CGI patch: This site links to an ftp site from which you can download the SETUID patch to "the wonderful Apache HTTP server."
Setuid Scripts: More about perl setuid scripts.

W3E References:

security
system administrator
UNIX

Print References:

Foundations of Web Programming with HTML and CGI by Ed Tittle, James Michael Stewart et al. Sams Publishing, Indianapolis, IN. 1995

Detail:

It is more difficult to breach security using the setuid bit when a Perl script is used, than when C or other languages are used.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

E-Mail: The World Wide Web Encyclopedia at wwwe@tab.com
E-Mail: Charles River Media at chrivmedia@aol.com
Copyright 1996 Charles River Media. All rights reserved.
Text - Copyright © 1995, 1996 - James Michael Stewart & Ed Tittel.
Web Layout - Copyright © 1995, 1996 - LANWrights & IMPACT Online.
Revised -- February 20th, 1996