Beefy Boxes and Bandwidth Generously Provided by pair Networks
Welcome to the Monastery

Perl Security

by ddarby14 (Initiate)
on Feb 06, 2009 at 01:45 UTC ( #741767=perlquestion: print w/replies, xml ) Need Help??
ddarby14 has asked for the wisdom of the Perl Monks concerning the following question:

Hi Monks - I'm setting up access for a Perl contractor to help out with the work load and concerned about security and what he has access to. Playing the deviant, I plugged an OPEN command to read a root-owned file in a root-owned directory elsewhere on the server and surprised to see that it didn't give me a script error - instead it printed out the file as requested.

Does it make sense that a script running with these permissions, as this apache user should be able to run an OPEN command to read a root-owned file or directory?

Our Apache 2 server has a test domain with setup as:

SuexecUserGroup        xuser xgroup

The script and it's directory both have permissions as 0755, xuser, xgroup.

I appreciate your time and insight to sort this out. Thx!

Replies are listed 'Best First'.
Re: Perl Security
by jasonk (Parson) on Feb 06, 2009 at 02:17 UTC

    root-owned doesn't mean anything. If the permissions on the file allow it to be read, then it will be read.

    Also, this is an Apache question, or possibly a file permissions question, it isn't even remotely a perl question.
    We're not surrounded, we're in a target-rich environment!
Re: Perl Security
by jethro (Monsignor) on Feb 06, 2009 at 04:04 UTC

    Don't look at the permissions of the script, check the permissions of the file you tried to open. If this file has its read-permission for 'other' (i.e. everyone) set then everyone can read the file.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://741767]
Approved by planetscape
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (4)
As of 2018-03-22 06:43 GMT
Find Nodes?
    Voting Booth?
    When I think of a mole I think of:

    Results (273 votes). Check out past polls.