perldoc perlsec
section on opening in a fork to drop privileges in setuid root programs
perldoc perlvar
specifically UID, EUID
perldoc POSIX
specifically setuid()
That should certainly start you down the right path... Not sure about the cross platform compatibility, obviously most Win systems aren't POSIX compliant.
http://danconia.org
Beau E. Cox wrote:
Hi - I have a script (simple server) that can be used by others remote to me. For security I would like to 'become' (assume the permissions) of a specified, under-privileged user before listening to the outside world - much like Apache 'becomes' the user/group specified in the http.conf file.I admit, I'm lost... CPAN 'user' modules seem to concentrate on looking at/manipulating users, not changing into one. I would like to do this in a 'portable' way, (nix and Win32). Before I delve into the Apache source, is there somewhere else to look? Aloha => Beau;
-- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
