Beefy Boxes and Bandwidth Generously Provided by pair Networks
Do you know where your variables are?

Re^3: Can the user a script runs as be changed?

by Lexicon (Chaplain)
on Jul 04, 2004 at 17:44 UTC ( #371728=note: print w/replies, xml ) Need Help??

in reply to Re^2: Can the user a script runs as be changed?
in thread Can the user a script runs as be changed?

Just because it's dangerous isn't a reason not to teach it to them. Everyone has to learn about it for the first time sometime. It is responsible to give them the "But don't do that." disclaimer, though.
  • Comment on Re^3: Can the user a script runs as be changed?

Replies are listed 'Best First'.
Re^4: Can the user a script runs as be changed?
by tachyon (Chancellor) on Jul 04, 2004 at 23:58 UTC

    Everyone has to learn about it for the first time sometime.

    Of course they do but hopefully by that stage they have discovered the man pages and/or read a basic book. Of the two objections I raised the first was the fact that you typically can't run suid scripts on a large number of the servers out there without recompiling the kernel to remove that restriction or wrapping the script with a short C execv() function. Have you ever actually tried it?

    [user]$ cat #!/usr/bin/perl print "This is a suid test\n"; [user]$ chmod +s [user]$ ll -rwsr-xr-x 1 user coders 203 Mar 10 02:41 [user]$ ./ Can't do setuid [user]$ su root Password: [root]# ./ This is a suid test [root]# exit exit [user]$ ./ Can't do setuid $ uname -sr Linux 2.4.18-27.7.xsmp $



      I've never needed to do anything in this arena, but my comments aren't about what is the right thing to do. I just wanted to emphasize that it's good to talk about all available options. 1) It helps you understand the underlying mechanics better. 2) When you see a new option, you might realize that you were going about it all wrong anyway, and rearranging your code around the new option would increase elegance. I would rather say, "setuid is an answer, but it's the wrong one." than not mention it at all. That's all.

        Suck it and see. 50% of my wisdom is sucked, 50% is seed.... Somewhere we need to make room for at least 10% attitude and total BS but you get that......



Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://371728]
[Corion]: (maybe I should write this up as a SoPW) - currently, the "most efficient" data structure I come up with is a single array which I scan for the first fitting one-shot. Not efficient but I don't expect more than five outstanding one-shots anyway
[choroba]: can't you create a meta-key corresponding to the disjunction of the events?
[robby_dobby]: Corion: Heh. This whole thing smells of Strategy Pattern or MVC pattern.
[Corion]: And performance linear to the number of registered one-shots doesn't feel that bad. Maybe I should collect statistics on how many callbacks are outstanding ;)
[Corion]: choroba: Yes, but the longer I thought about efficient hashes mapping the event type back to their callbacks, and how to keep them in sync, the more I thought that all that optimization might just not be worth it, even if it's horribly inelegant
[Lady_Aleena]: My biggest problem with hashes at the moment is one with 2,501 keys.
[choroba]: how many event types are there?
[Corion]: Also I found that I can't conveniently weaken an array slot, which also is inconvenient, as I want my one-shots to disappear if the caller discards them
[Corion]: choroba: Currently two or three that my program handles (WWW::Mechanize:: Chrome), but there might be more that become interesting
[Corion]: But I don't expect more than 100 to be active at the same time, so I'm not really sure if there is a not-too-fancy data structure that is maintained with few lines of code where the performance is better than the linear scan ;)

How do I use this? | Other CB clients
Other Users?
Others musing on the Monastery: (7)
As of 2017-05-29 07:56 GMT
Find Nodes?
    Voting Booth?