Beefy Boxes and Bandwidth Generously Provided by pair Networks
Your skill will accomplish
what the force of many cannot

Re: setuid: Perl v C

by tachyon (Chancellor)
on May 05, 2003 at 06:53 UTC ( #255576=note: print w/ replies, xml ) Need Help??

in reply to setuid: Perl v C

As Zaxo point out you can't have suid root scripts ie perl on Linux. I use sudo as he suggests and find it works well. For example I have an application that I need to have CGI scripts be able to send SIG HUPs to. The CGI scripts don't have sufficient permissions running as user apache to do this so this is how I set it up so they can do it:

#!/usr/bin/perl -w # # this script needs to be run as root, to do this we add an entry to # /etc/sudoers so that just apache can run it suid root # NB: you must edit this file using visudo, ie # visudo -f /etc/sudoers # add this line # apache ALL=NOPASSWD:/home/scripts/ # In CGI call as system('sudo', '/home/scripts/'); my $PROGRAM = ''; @ps = `ps ax`; @ps = map { m/(\d+)/; $1 } grep { /\Q$PROGRAM\E/ } @ps; # for debugging lets see who we think we are.... #printf("uid=%d euid=%d<br>\n", $<, $>); for ( @ps ) { (kill HUP, $_) or exit 42; } my $time = gmtime(); warn "[$time] Sent SIGHUP to $PROGRAM @ps\n"; exit 0;

By using sudo then the script is not suid per se but a CGI can run it suid root (and only this script)




Comment on Re: setuid: Perl v C
Download Code

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://255576]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others exploiting the Monastery: (4)
As of 2015-11-27 23:57 GMT
Find Nodes?
    Voting Booth?

    What would be the most significant thing to happen if a rope (or wire) tied the Earth and the Moon together?

    Results (735 votes), past polls