I am trying to run it from the command line. Basically, I am usign the system() command to call ipchains. The only error that I am getting is "ipchains (must be root to run this program)". Chris ______________________________ Reply Separator _________________________________ Subject: Re: [thelist] Perl script as root Author: thelist-admin at lists.evolt.org at INTERNET Date: 2/14/2002 10:45 AM Most UNIX operating systems won't let you do this on scripts. There's a race condition in the kernel for setuid script execution which is a security hole. Are you trying to run your program from the command line? What are the errors that you are getting? You should probably use taintperl as well, use -T flag, so that Perl will warn of possible security problems. Dean David Gray writes: > You have to turn on the setuid bit of your script so that it runs as the > user it's owned by. You can do this using this syntax (the file has to > be executable): > > chmod +s script.pl > > If you'd like to check what user your script is running as before you > try the setuid stuff, you can check $< (real uid) and $> (effective uid) > within your program. > > HTH, > > -dave > > > -----Original Message----- > From: thelist-admin at lists.evolt.org > [mailto:thelist-admin at lists.evolt.org] On Behalf Of CDitty > Sent: Wednesday, February 13, 2002 10:07 PM > To: thelist at lists.evolt.org > Subject: [thelist] Perl script as root > > > Hello all, > > I wrote a little perl script that catches the ip addresses for people > trying to access formmail.pl on my site. The script is supposed to add > the ip to the firewall blocking them from accessing my site in the > future. Problem is, ipchains needs to be run by root. I have given the > script root permissions, but it still won't work right. Does anyone > know how to make a script run as root? > > Thanks > > Chris -- For unsubscribe and other options, including the Tip Harvester and archive of thelist go to: http://lists.evolt.org Workers of the Web, evolt !