http://www.perlmonks.org?node_id=41428


in reply to How do I execute as root?

You should just be able to make the script setuid (chmod u+s) and owned by root. (The root user will have to do this.) Be sure your script runs file with taint-checking enabled. This will require some sanity checks against the $USER variable.

Replies are listed 'Best First'.
RE: Re: How do I execute as root?
by le (Friar) on Nov 14, 2000 at 03:15 UTC
    On Unix systems (OK, I just can tell about FreeBSD and Linux) a script can't be setuid root.

    (Was there something concerning kernel security level...?)
      Works for me:
      (fastolfe) eddie:~$ ls -l test -rwsrwxr-x 1 root fastolfe 53 Nov 13 16:17 test (fastolfe) eddie:~$ ./test uid=500 euid=0 (fastolfe) eddie:~$ cat test #!/usr/bin/perl printf("uid=%d euid=%d\n", $<, $>); (fastolfe) eddie:~$ uname -a Linux eddie.intranet 2.2.16 #1 Thu Jun 8 17:46:12 CDT 2000 i586 unknow +n
      You may have to swap uid/euid as needed, though:
      ($<, $>) = ($>, $<);
RE: Re: How do I execute as root?
by Kurious (Novice) on Nov 14, 2000 at 01:06 UTC
    Thank you for your quick reply. However, I'm new to Perl and Unix for that matter. Please elaborate or point me in the right direction for "taint-checking" and what type of sanity checking to do on the $USER variable.

    Just,
    Kurious

      Check out perlsec, which explains it all. Basically, since you'll be running this as root (with information that is supplied by the user), you need to be certain $USER doesn't contain any evil or harmful characters. If you let the user specify a username of, like, "../../bin", you'd be creating directories and things in very bad places. A simple sanity check should suffice:
      ($USER) = $cgi->param('user') =~ /(\w+)/;
      This would only permit normal alphanumeric characters into $USER, and un-taint it in the process. With taint-checking enabled (-T), Perl will die before letting you use arbitrary user-supplied (or potentially unsafe) information in any critical system calls (like chdir, unlink, open, etc.). Update: Other posts below advocate using a separate script to perform the actual updates as root, and I agree with them 100%. It's infinitely more secure if you keep the user from interacting directly with a setuid script at all. A buffer (in the form of semaphore files or a socket connection) is a better solution to your problem.

      The main perl documentation on taint checking is IIRC in perlrun {my $update = "d'oh ... no it isn't. Fastolfe's right ... but there is some info on -T in this page" }.

      Our own Ovid is currently writing a CGI scripting tutorial, which has some info on security. Try also searching on "taint mode" and "CGI security" and the like on this site to see the fossilized ... err, collected wisdom monks have offered so far.

      Happy coding!

      Philosophy can be made out of anything. Or less -- Jerry A. Fodor