Hi,
I have a script that needs to find out where it was executed from. The following script:
#!/usr/bin/perl -w
print "$0\n";
normally works ok. However, if the script is set-uid
(to any user) it prints something like "/dev/fd/3". This
is under Solaris 2.7. The FindBin modules uses $0 as its
starting point, so it doesn't work either.
I read somewhere that this is a trick used by some
kernels to safely execute set-uid scripts: when a set-uid
script is invoked, the kernel passes the script to the
interpreter using a file descriptor instead of the file
name directly, to avoid race conditions. If this is the case,
my problem may be unsolvable, but I thought I would ask
anyway.
I asked in comp.lang.perl.misc about this, and got two main
suggestions, which I list with their drawbacks:
- Have a non-suid wrapper script that gets the program
path, stores in in an environment variable and then executes
the suid script. Drawback: anyone can set the environment
variable and execute the suid script directly.
- Have a "helper" non-suid script that prints its path
to stdout, and that is stored in the same directory as the
suid script. Then the suid script can use it to find out
its path. Drawback: the directory where both scripts are
stored has to be in the user's path.
So I'm still looking for a real answer to my question.
Any ideas will be very appreciated!
Thanks,
--Diego
-
Are you posting in the right place? Check out Where do I post X? to know for sure.
-
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
<u> <ul>
-
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
intervention).
-
Want more info? How to link
or How to display code and escape characters
are good places to start.
|