Beefy Boxes and Bandwidth Generously Provided by pair Networks
Problems? Is your data what you think it is?
 
PerlMonks  

Comment on

( #3333=superdoc: print w/ replies, xml ) Need Help??
Fellow Monks,

the situation at hand is a CGI script which needs to be run as a certain user and which has to call several commands only available to that user using shared libraries found in the users LD_LIBRARY_PATH.

Lucky are those who have Apache2 which ships with mod_suexec by default, but not alas! on the system I have to work on.

Next I tried to run that CGI script suid to the user in question (not root), I went through the perlsec manpage, cleaned my path and other environments and untained all the input until finally the script would start and try to call the external command (using system()). Then the dynamic linking failed. I tried to set $ENV{'LD_LIBRARY_PATH'}, I preceded the actual command with the variable like this:

my $cmd = "LD_LIBRARY_PATH=/path/to/libs command arg1 arg2"; system($cmd) and die "..";
but to no avail. Any pointers, hints and tips welcome. Can you help me out?

Update: Fixed the typo in the title.

Regards... stefan k
you begin bashing the string with a +42 regexp of confusion


In reply to Apache, no suexec, suid and the environment by stefan k

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":



  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • Outside of code tags, you may need to use entities for some characters:
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.
  • Log In?
    Username:
    Password:

    What's my password?
    Create A New User
    Chatterbox?
    and the web crawler heard nothing...

    How do I use this? | Other CB clients
    Other Users?
    Others musing on the Monastery: (7)
    As of 2014-12-25 06:19 GMT
    Sections?
    Information?
    Find Nodes?
    Leftovers?
      Voting Booth?

      Is guessing a good strategy for surviving in the IT business?





      Results (159 votes), past polls