Beefy Boxes and Bandwidth Generously Provided by pair Networks
No such thing as a small change
 
PerlMonks  

Re: setuid: Perl v C

by tachyon (Chancellor)
on May 05, 2003 at 06:53 UTC ( #255576=note: print w/ replies, xml ) Need Help??


in reply to setuid: Perl v C

As Zaxo point out you can't have suid root scripts ie perl on Linux. I use sudo as he suggests and find it works well. For example I have an application that I need to have CGI scripts be able to send SIG HUPs to. The CGI scripts don't have sufficient permissions running as user apache to do this so this is how I set it up so they can do it:

#!/usr/bin/perl -w # sendHUP.pl # this script needs to be run as root, to do this we add an entry to # /etc/sudoers so that just apache can run it suid root # NB: you must edit this file using visudo, ie # visudo -f /etc/sudoers # add this line # apache ALL=NOPASSWD:/home/scripts/sendHUP.pl # In CGI call as system('sudo', '/home/scripts/sendHUP.pl'); my $PROGRAM = 'program.pl'; @ps = `ps ax`; @ps = map { m/(\d+)/; $1 } grep { /\Q$PROGRAM\E/ } @ps; # for debugging lets see who we think we are.... #printf("uid=%d euid=%d<br>\n", $<, $>); for ( @ps ) { (kill HUP, $_) or exit 42; } my $time = gmtime(); warn "[$time] Sent SIGHUP to $PROGRAM @ps\n"; exit 0;

By using sudo then the script is not suid per se but a CGI can run it suid root (and only this script)

cheers

tachyon

s&&rsenoyhcatreve&&&s&n.+t&"$'$`$\"$\&"&ee&&y&srve&&d&&print


Comment on Re: setuid: Perl v C
Download Code

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://255576]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others chanting in the Monastery: (8)
As of 2014-09-02 09:08 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My favorite cookbook is:










    Results (20 votes), past polls