Re^2: setuid system() calls on Solaris 11

I'm not sure if the replacement you showed would work on your shell due to the redirection. What I would try first is this:

system('/bin/sh', '-p', '-c', '-e',
    "/usr/bin/cp -f $version/$obj $dest 2> /dev/null"
    )==0 or die "system: \$?=$?";
[download]

I've added some error checking. Note that this suffers from potential security issues if those variables contain any unchecked user input! (And potential quoting issues.) I wrote more on that topic, and how to run external commands using modules, here.

Comment on Re^2: setuid system() calls on Solaris 11 Download Code

Replies are listed 'Best First'.
Re^3: setuid system() calls on Solaris 11 by baataboom (Initiate) on Jul 25, 2018 at 22:11 UTC
Using `system( '/bin/sh', '-pc', "cmd string w/optional stderr and stdout red +irection" );` [download] worked! Excellent. What we had experienced in migrating to the newer OS (Solaris 11) was that some of our system() calls were honoring setuid/setgid and some were not. Yet they were all quite similar (i.e. system( "single param string")). And the Perl docs were not clear (to me) regarding the nuances: `If there are no shell metacharacters in the argument, it is split into words and passed directly to "execvp", ...` [download] Anynow, I'm off to make many changes, replacing system() calls and backticks with calls to a ssystem() wrapper function. Thanks all! Mark	[reply] [d/l] [select]
Re^4: setuid system() calls on Solaris 11 by haukex (Archbishop) on Jul 26, 2018 at 08:36 UTC
backticks You may want to look at IPC::System::Simple's `capturex`, a replacement for backticks that allows the same multi-argument calling convention that avoids the shell (allowing you to call the shell explicitly in the same way I showed above).	[reply] [d/l]


P is for Practical
	PerlMonks