Beefy Boxes and Bandwidth Generously Provided by pair Networks
Do you know where your variables are?
 
PerlMonks  

Re: How to determine the program path from a set-uid program

by mikfire (Deacon)
on Mar 30, 2000 at 03:18 UTC ( #6474=note: print w/replies, xml ) Need Help??


in reply to How to determine the program path from a set-uid program

I have found this works quite well as a work-around.

Wrap all calls to perl into a binary that is SUID. At the top of any script needing to go suid, put something like:

  #!/bin/sh
     eval 'exec /usr/local/bin/perlwrap $0 {$1+"$@"}'
     if 0;
where /usr/local/bin/perlwrap has the SUID bit correctly set. The name the script was actually called as ( including the path component ) and all the remaining command line arguments are sent to the wrapper as arguments. The wrapper does the SUID stuff and then runs the script, passing along the arguments. Since the script itself was never SUID, you don't get the file descriptor problem.

You can then use a special ID to control which scripts can and cannot go SUID. Basically, if the script isn't owned by the special ID the permissions get reset to the user's before the script is run.

If you need more help, email me and I will do what I can.

HTH,
Mik Firestone ( perlus bigotus maximus )

  • Comment on Re: How to determine the program path from a set-uid program

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://6474]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others chilling in the Monastery: (4)
As of 2022-08-15 18:54 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found

    Notices?