[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Need to know default permissions and ownerships for cobalt CGI
- Subject: Re: [cobalt-security] Need to know default permissions and ownerships for cobalt CGI
- From: David Lucas <david@xxxxxxxxxxxxxxxx>
- Date: Fri, 18 Apr 2003 14:56:31 -0500
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
At 02:41 PM 4/18/2003, you wrote:
The story for why is here:
http://www.webhostingtalk.com/showthread.php?s=7d8c602c2f91e5370cd8573f15a8e762&threadid=133125
but my siteadmin and admin gui do not work.
When I access them from the shell I get this stuff:
I'm getting this from the shell:
[admin siteUserList]$ ./siteUserList.cgi
Can't locate Cobalt/Meta.pm in @INC (@INC contains:
/usr/lib/perl5/5.00503/i386-linux /usr/lib/perl5/5.00503
/usr/lib/perl5/site_perl/5.005/i386-linux /usr/lib/perl5/site_perl/5.005
.) at /usr/lib/perl5/site_perl/5.005/Cobalt/User.pm line 48.
BEGIN failed--compilation aborted at
/usr/lib/perl5/site_perl/5.005/Cobalt/User.pm line 48.
BEGIN failed--compilation aborted at
/usr/lib/perl5/site_perl/5.005/Cobalt/Ftp.pm line 31.
BEGIN failed--compilation aborted at
/usr/lib/perl5/site_perl/5.005/Cobalt/Vsite.pm line 58.
[admin siteUserList]$
and this:
[root siteUserList]# ./siteUserList.cgi
location: /.cobalt/error/forbidden.html
Unauthorised access by , not a member of .
I notice the files are all owned by root but don't have a working box to
compare to. That seems odd to me.
drwxr-xr-x 2 root
root 1024 Feb 26 02:23
admin
drwxr-xr-x 2 root
root 1024 Feb 26 02:23
alert
drwxr-xr-x 2 root
root 1024 Feb 26 02:23
alertSignal
drwxr-xr-x 2 root
root 1024 Feb 26 02:23
arkeia
. . ..
The box is a raq 4.
Those aren't files, but directories and yes they are owned by
root.
Looks a bit like perl was upgraded. I think it was written that it
would hose the GUI.
You can install an updated perl, but it has to be in a different
directory as to not hose the GUI.
Did you update perl?
--
This message has been scanned for viruses and
dangerous content by
MailScanner,
and is
believed to be clean.