A Perl process running as root that loads modules from a directory owned by a non-root user is not secure. That user may modify the modules in order to do whatever he wants as root.
sudo can be configured to let some user run a command with fixed arguments as root. Use that feature to allow the user to run just the specific rsync command you need (in order to see the rsync command Net::OpenSSH is running under the hood you can set $Net::OpenSSH::debug=-1).
By default, Net::OpenSSH uses a different name for the control socket used to communicate with the OpenSSH client every time and that means passing a different argument to rsync also every time, but you can fix that argument telling the module the control path location to use with the ctl_path option when the object is constructed. For instance:
my $ctl_path = '/home/user/.myapp/ssh_ctl_path';
unlink $ctl_path; # just in case it has been left behind in a previous
+ run of the script.
my $ssh = Net::OpenSSH->new(...
ctl_path => $ctl_path);
$ssh->die_on_error;
system('sudo', 'rsync','-e',"ssh -S $ctl_path",'--blocking-io','-q','-
+-','host:/remote/directory','/local/directory')
and die "rsync command failed: $?";
And add an entry on the sudoers file allowing to run as root without password the following command:
rsync -e ssh -S /home/user/.myapp/ssh_ctl_path --blocking-io -q -- hos
+t:/remote/directory /local/directory
You may need to mangle it in some way as I am not sure of the way sudo handles arguments with spaces... in any case, don't use willcards as it is almost impossible to do so in a secure fashion. |