Beefy Boxes and Bandwidth Generously Provided by pair Networks
Do you know where your variables are?
 
PerlMonks  

Calling a setuid script in a perl script

by hmadhi (Acolyte)
on Nov 18, 2011 at 16:21 UTC ( [id://938877]=note: print w/replies, xml ) Need Help??


in reply to Perl Setuid - Oracle Password Hardcoding

I have two perl scripts:

1. getPwd.pl - setuid perl script that returns a password

sub getOraPwd{ ... ... return $password; } getOraPwd();

2. testDBConn.pl

I want to call getPwd.pl in the testDBConn.pl script and assign the result of the getPwd script to the $password variable to connect to a database. Remember the getPwd.pl script is setuid, and therefore setup for the testDBConn.pl to run getPwd.pl

eg.

$username="blah"; $password=result from getPwd.pl $dsn=qq{...}; $dbh=DBI->connect($dsn, $username, $password)};

Replies are listed 'Best First'.
Re: Calling a setuid script in a perl script
by afoken (Chancellor) on Nov 19, 2011 at 08:32 UTC

      Apologies, You are correct. However I also needed to know how to pass a value from one script to another. I am indeed now going to use sudo.

      This is the error I get sudo: sorry, you must have a tty to run sudo

        Thanks. I am using: Red Hat Enterprise Linux Server release 5.7 (Tikanga). Will check why

        the problem is that sudo requires a tty to run. You will not be able to run sudo on a crontab or cgi.

Re: Calling a setuid script in a perl script
by chilledham (Friar) on Nov 18, 2011 at 16:52 UTC

    In testDBConn.pl:

    # assuming getPwd.pl is in @INC require 'getPwd.pl'; $password = getOraPwd();
    For this to work getPwd.pl will need to return a true value. That's as simple as putting 1; as the last line in the script.

    You might also consider creating a module and use'ing that. This might be helpful in such a venture: José's Guide for creating Perl modules

      I assume the OP wants it as an extra suid script because it must read a file the main script has no permissions for, and it makes complete sense to keep the suid portions of a script as small as possible. Making the whole thing a module would defeat this purpose.

      If I understood this correctly, the solution is very easy:

      $password = `getPwd.pl`; chomp $password;

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://938877]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others perusing the Monastery: (7)
As of 2024-03-28 19:44 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found