s*******l
发帖数: 8 | 1 I have a perl program which will create a file. I set the setuid permission
for the perl program, say: chmod 6755 myperl.pl
Then, when I execute it as other users, either the created file is owned by
another user (say, root), or an error happened and the program can not be
run by others:
Insecure ENV{$PATH} ....
How to deal with this? Thanks a lot. | p******f
发帖数: 162 | 2
you are adviced to explicitly set the $PATH env var in a setuid perl
program, read 'man perlsec' for details.
【在 s*******l 的大作中提到】
: I have a perl program which will create a file. I set the setuid permission
: for the perl program, say: chmod 6755 myperl.pl
: Then, when I execute it as other users, either the created file is owned by
: another user (say, root), or an error happened and the program can not be
: run by others:
: Insecure ENV{$PATH} ....
: How to deal with this? Thanks a lot.
| s*******l
发帖数: 8 | 3 What if the perl tries to install some program? Who will be the owner?
Thanks a lot.
【在 p******f 的大作中提到】
:
: you are adviced to explicitly set the $PATH env var in a setuid perl
: program, read 'man perlsec' for details.
| p******f
发帖数: 162 | 4 the owner of the perl executable, if setuid.
the person who runs the executable, otherwies.
【在 s*******l 的大作中提到】
: What if the perl tries to install some program? Who will be the owner?
: Thanks a lot.
| o***z
发帖数: 133 | 5 save the effective uid at the beginning by $euid=$EUID (if you use English)
then set it back to the real UID by saying $EUID=$UID
switch back to enhanced permission by $EUID=$euid only when necessary
and reduce to normal permission as early as possible
【在 s*******l 的大作中提到】
: I have a perl program which will create a file. I set the setuid permission
: for the perl program, say: chmod 6755 myperl.pl
: Then, when I execute it as other users, either the created file is owned by
: another user (say, root), or an error happened and the program can not be
: run by others:
: Insecure ENV{$PATH} ....
: How to deal with this? Thanks a lot.
|
|
