Beefy Boxes and Bandwidth Generously Provided by pair Networks
laziness, impatience, and hubris
 
PerlMonks  

Re: How to determine the program path from a set-uid program

by mikfire (Deacon)
on Mar 30, 2000 at 03:18 UTC ( [id://6474]=note: print w/replies, xml ) Need Help??


in reply to How to determine the program path from a set-uid program

I have found this works quite well as a work-around.

Wrap all calls to perl into a binary that is SUID. At the top of any script needing to go suid, put something like: 

  #!/bin/sh
     eval 'exec /usr/local/bin/perlwrap $0 {$1+"$@"}'
     if 0;
where /usr/local/bin/perlwrap has the SUID bit correctly set. The name the script was actually called as ( including the path component ) and all the remaining command line arguments are sent to the wrapper as arguments. The wrapper does the SUID stuff and then runs the script, passing along the arguments. Since the script itself was never SUID, you don't get the file descriptor problem.

You can then use a special ID to control which scripts can and cannot go SUID. Basically, if the script isn't owned by the special ID the permissions get reset to the user's before the script is run.

If you need more help, email me and I will do what I can.

HTH,
Mik Firestone ( perlus bigotus maximus )

  • Comment on Re: How to determine the program path from a set-uid program

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://6474]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others chanting in the Monastery: (None)
    As of 2024-04-25 01:53 GMT
    Sections?
    Information?
    Find Nodes?
    Leftovers?
      Voting Booth?

      No recent polls found