On Friday, May 3, 2002, at 07:03 , Tor Hildrum wrote:
>>> Could someone point me to a page that gives information about all the
>>> pitfalls that are "available" when running a Perl or CGI script with the
>>> suid bit set?
>
> <snip - the expected stuff> :)
sorry... didn't know that you knew that already. My Bad.
>> If you really need setuid processes - then one of the
>> principal tricks remains to have them 'spawned' from a
>> nice harder to hack piece of compiled 'c' code.
>
> So, basically, call a compiled c-code from my Perl-script, and have the
> compiled c-code start the suid process?
well it is sorta 'why does this need to run as a specific user'
sort of question??? In the case of most apache driven stuff,
it should generically be running as 'nobody' to begin with.
{ hence the whole CGI thing. which I would be hard pressed
to see why you want that to be anything other than - just
write it, and install it in the cgi-bin du jour. }

The moment that you NEED to have 'root privilege' to do
x-y-z you REALLY need to have a really good reason to do that
and not merely because your code is bodgy and you want to
get around some bollock in your software.
{trust me, I've seen enough of those gags...}
> Now I only need to learn how to program either C or C++ :)
If you know perl, c is not that hard to pick up...

May I offer you as compensation some old crufty c:
http://www.wetware.com/drieux/src/unix/c/setgid_test.txt
this was 'c' code aimed at running what were shell scripts
that managed the init process models for daemon management.
IF you really wind up going that way - send me email B/C...

I hope that helps - it's from some old stuff we did back
with Warpspeed Communications Inc. We used the tactic
of having a special daemon - mr_daemon - which ran without
a login shell - this is actually just 'demo junk' code -
{ hence not covered under any NDA. }
since the actual process went on to require more fascism
about where 'runnable code' was actually installed - and
then all this did was do the setgid/setuid - AND DO IT
IN THAT ORDER!!!!! In this case the core init script would
be called by root at boot/shutdown times - and we clearly
did not want daemons running as root.... so you need to
setgid WHILE you are root, before doing the setuid 'down'
to a more practical entity....

If you setuid down - you will not have the permissions to
do the setgid side of the game...

so the trick is to make the code - and then make sure
when it gets installed it is OWNED by the UID that
the puppy will do the setuid to....
ciao
drieux
---
"You can have my root access, after you
rip it from my cold dead hand..."
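
The ordering described in the message above (setgid while still root, then setuid down), as an added example that is not the setgid_test code linked in the post and not part of the original message. The function names and the command-line usage are assumptions made for illustration; the example also clears supplementary groups and checks that root cannot be regained, which goes beyond what the message covers.

```c
/* Added example: drop root for good, group first, then user. */
#define _DEFAULT_SOURCE   /* for setgroups() on glibc */
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* 1 if real and effective IDs both equal the target, else 0. */
int ids_match(uid_t uid, gid_t gid)
{
    return getuid() == uid && geteuid() == uid &&
           getgid() == gid && getegid() == gid;
}

/* Permanently switch to uid/gid. Returns 0 on success, -1 on any failure.
 * Callers must treat -1 as fatal and not carry on with mixed IDs. */
int drop_privileges(uid_t uid, gid_t gid)
{
    /* Supplementary groups are inherited from root; only root may reset them. */
    if (geteuid() == 0 && setgroups(1, &gid) != 0)
        return -1;
    /* Group first: after setuid() to a non-root uid this call would fail. */
    if (setgid(gid) != 0)
        return -1;
    if (setuid(uid) != 0)
        return -1;
    if (!ids_match(uid, gid))
        return -1;
    /* The drop must be irreversible: regaining uid 0 has to fail. */
    if (uid != 0 && setuid(0) == 0)
        return -1;
    return 0;
}

int main(int argc, char **argv)
{
    /* Hypothetical usage: ./dropdemo <uid> <gid>, started as root. */
    if (argc != 3) {
        fprintf(stderr, "usage: %s uid gid\n", argv[0]);
        return 2;
    }
    if (drop_privileges((uid_t)atoi(argv[1]), (gid_t)atoi(argv[2])) != 0) {
        fprintf(stderr, "privilege drop failed, refusing to continue\n");
        return 1;
    }
    printf("now uid=%d gid=%d\n", (int)getuid(), (int)getgid());
    return 0;
}
```

Swapping the setgid() and setuid() calls makes the function return -1 when started as root with a non-root target, because the process no longer has the privilege to change its group.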