Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses
 
PerlMonks  

Re: setuid: Perl v C

by tachyon (Chancellor)
on May 05, 2003 at 06:53 UTC ( #255576=note: print w/ replies, xml ) Need Help??


in reply to setuid: Perl v C

As Zaxo point out you can't have suid root scripts ie perl on Linux. I use sudo as he suggests and find it works well. For example I have an application that I need to have CGI scripts be able to send SIG HUPs to. The CGI scripts don't have sufficient permissions running as user apache to do this so this is how I set it up so they can do it:

#!/usr/bin/perl -w # sendHUP.pl # this script needs to be run as root, to do this we add an entry to # /etc/sudoers so that just apache can run it suid root # NB: you must edit this file using visudo, ie # visudo -f /etc/sudoers # add this line # apache ALL=NOPASSWD:/home/scripts/sendHUP.pl # In CGI call as system('sudo', '/home/scripts/sendHUP.pl'); my $PROGRAM = 'program.pl'; @ps = `ps ax`; @ps = map { m/(\d+)/; $1 } grep { /\Q$PROGRAM\E/ } @ps; # for debugging lets see who we think we are.... #printf("uid=%d euid=%d<br>\n", $<, $>); for ( @ps ) { (kill HUP, $_) or exit 42; } my $time = gmtime(); warn "[$time] Sent SIGHUP to $PROGRAM @ps\n"; exit 0;

By using sudo then the script is not suid per se but a CGI can run it suid root (and only this script)

cheers

tachyon

s&&rsenoyhcatreve&&&s&n.+t&"$'$`$\"$\&"&ee&&y&srve&&d&&print


Comment on Re: setuid: Perl v C
Download Code

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://255576]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others musing on the Monastery: (7)
As of 2015-07-03 17:58 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (55 votes), past polls