Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl: the Markov chain saw


by hotshot (Prior)
on Dec 10, 2001 at 19:02 UTC ( #130671=perlquestion: print w/replies, xml ) Need Help??
hotshot has asked for the wisdom of the Perl Monks concerning the following question:

Hello everyone !

Can someone explain in a few words what exactly is 'suidperl', the case where my script starts with:
#!/usr/bin/suidperl -w


Replies are listed 'Best First'.
Re: suidperl
by arhuman (Vicar) on Dec 10, 2001 at 19:12 UTC
    For security reasons, modern unices disable SUID bit on scripts.
    (Beccause it's often IMPOSSIBLE to have safe SUID shell script)
    suidperl allow you to use this suid feature even on such system...

    For a detailed explanation see : perlsec...

    Another (more general) safe way is the prog sudo

    "Only Bad Coders Code Badly In Perl" (OBC2BIP)
      There have before been security problems in suidperl. And the sudo utility works just fine for me. Therefore given a choice, I always remove suidperl and use sudo instead.
Re: suidperl
by Erik Hensema (Sexton) on Dec 10, 2001 at 21:39 UTC

    Your scripts should never start with

    #!/usr/bin/suidperl -w

    Allways just use /usr/bin/perl.

    suidperl is needed to be able to run scripts setuid. Usually this is impossible, because scripts are handled by an interpreter which isn't installed setuid.

    'Running setuid' means that a program is started as if it was started by it's owner. So, if a file is owned by root:root and is setuid, it would be running with root priveliges regardless of what user started it. On startup, suidperl will change it's effective user-id to the id of the script's owner.

    Read man perlsec for more information.

    A script however is started with the permissions of the interpreter. So, if you make a script setuid it wouldn't have any effect. This is where suidperl comes in: suidperl is usually installed setuid root:root and is automatically invoked by perl when perls sees the scripts it's about to start is setuid.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://130671]
Approved by root
[choroba]: I often can't log in to pause. But after it fails for the first time, everything works for the second time.
[cavac]: Ok, thanks for the information
[choroba]: Yes, tried now. Login didn't show the login window at all, timed out, but worked for the second time instantly.
[choroba]: Trying the daemon log...
[choroba]: It seems very slow. But the internet is weird here in Vietnam...
[choroba]: again, stopping it and trying for the second time fixed the problem

How do I use this? | Other CB clients
Other Users?
Others pondering the Monastery: (13)
As of 2017-02-22 09:08 GMT
Find Nodes?
    Voting Booth?
    Before electricity was invented, what was the Electric Eel called?

    Results (325 votes). Check out past polls.