On Feb 16, 9:00 pm, Dan Stromberg <drsali...@gmail.com> wrote:
> So yeah, whether you use perl or anything else invoked with #!, you're
> pretty much better off with sudo, or a tiny C wrapper that's so simple
> it's hard to get wrong.

UNIX makes this almost impossible unless your wrapper is cooperative with whatever process invokes it, which is itself a security risk. I advise anyone seriously considering this route to take a long, hard look at just what contortions sudo goes through in order to achieve this safety. A correct suid program is neither tiny nor simple.

Passing things through sudo(1) is really the only sensible route these days but even that can be fraught with peril. For something as simple as 'Write to a normally restricted area', it's probably no more secure than an ACL (and potentially way less if you screw up the sudo configuration).

> However, perl's taint feature would be useful
> irrespective when writing privileged code; it removes some of the
> skill required.

I don't really think so. It doesn't help prevent, for example, someone redirecting stdout to /etc/shadow and then running your command. Besides, I'm not even remotely convinced that 'removing skill' is a good idea. It especially doesn't help you very much when the whole point of your script is just a wrapper to elevate privileges (execute another program) or copy files about.

Adam
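Added example, not part of the original post and not taken from sudo's source: the reply above concerns state a privileged program inherits from its invoker, such as stdout. One such case a C wrapper has to handle is being started with descriptor 0, 1 or 2 closed, so that the first file it opens takes that number and receives its stdio. The names fix_std_fds and fd_is_open are hypothetical.

```c
#include <errno.h>
#include <fcntl.h>
#include <unistd.h>

/* Returns 1 if fd is an open descriptor, 0 if it is closed. */
static int fd_is_open(int fd)
{
    return fcntl(fd, F_GETFD) != -1 || errno != EBADF;
}

/*
 * Call first thing in main(), before opening any file.
 * Every one of descriptors 0, 1, 2 that the invoker left closed is
 * pointed at /dev/null, so later open() calls can only return fd >= 3.
 * Returns the number of descriptors repaired, or -1 on failure.
 */
int fix_std_fds(void)
{
    int repaired = 0;

    for (int fd = 0; fd <= 2; fd++) {
        if (fd_is_open(fd))
            continue;
        /* open() hands out the lowest free number, normally fd itself */
        int got = open("/dev/null", fd == 0 ? O_RDONLY : O_WRONLY);
        if (got == -1)
            return -1;
        if (got != fd) {
            if (dup2(got, fd) == -1) {
                close(got);
                return -1;
            }
            close(got);
        }
        repaired++;
    }
    return repaired;
}

int main(void)
{
    if (fix_std_fds() == -1)
        return 1;   /* cannot make stdio safe: refuse to run */
    /* privileged work would start here */
    return 0;
}
```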