Beefy Boxes and Bandwidth Generously Provided by pair Networks
We don't bite newbies here... much

Re: setuid: Perl v C

by tachyon (Chancellor)
on May 05, 2003 at 06:53 UTC ( #255576=note: print w/replies, xml ) Need Help??

in reply to setuid: Perl v C

As Zaxo point out you can't have suid root scripts ie perl on Linux. I use sudo as he suggests and find it works well. For example I have an application that I need to have CGI scripts be able to send SIG HUPs to. The CGI scripts don't have sufficient permissions running as user apache to do this so this is how I set it up so they can do it:

#!/usr/bin/perl -w # # this script needs to be run as root, to do this we add an entry to # /etc/sudoers so that just apache can run it suid root # NB: you must edit this file using visudo, ie # visudo -f /etc/sudoers # add this line # apache ALL=NOPASSWD:/home/scripts/ # In CGI call as system('sudo', '/home/scripts/'); my $PROGRAM = ''; @ps = `ps ax`; @ps = map { m/(\d+)/; $1 } grep { /\Q$PROGRAM\E/ } @ps; # for debugging lets see who we think we are.... #printf("uid=%d euid=%d<br>\n", $<, $>); for ( @ps ) { (kill HUP, $_) or exit 42; } my $time = gmtime(); warn "[$time] Sent SIGHUP to $PROGRAM @ps\n"; exit 0;

By using sudo then the script is not suid per se but a CGI can run it suid root (and only this script)




Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://255576]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others exploiting the Monastery: (3)
As of 2020-09-30 22:28 GMT
Find Nodes?
    Voting Booth?
    If at first I donít succeed, I Ö

    Results (170 votes). Check out past polls.