in reply to How to determine the program path from a set-uid program
After looking around on a Solaris box for a bit, I've also
come to the unfortunate conclusion that there isn't really
anything you can do. There seems to be no trace of the
actual command typed anywhere. ps reports the pid as
running /usr/bin/perl -w /dev/fd/4, and the lack of a
decent /proc system on Solaris is also a dead end. If you
are forced to pick, the latter of the two choices above
sounds like a safer bet... always better to not have to
deal with taint-checking of any external variables in a
program, especially an suid one.
|
---|
In Section
Seekers of Perl Wisdom