[NTLUG:Discuss] SETUID on Shell Scripts Question
MadHat
madhat at unspecific.com
Mon Apr 3 10:19:43 CDT 2000
Brian wrote:
>
> MadHat wrote:
> > since perl is a scripting language, I know this is not correct (unless
> > the default in the newer kernels is to have the ability turned on,
> > 'cause I didn't set it).
>
> Well, if you haven't tried it yourself, then I guess you really don't
> know, do you? You can't create a suid perl script that will run
> anything with a effective UID of root on a kernel > 2.0.38. You can put
> a C wrapper around it. This is explained in minute detail in the blue
> camel book.
what I was talking about was the comment made by you about "This
functionality can be disabled in the kernel, if you really have to run
suid scripts." What I was trying to say is that I have not disabled
anything about suid scripts in the kernel. I am presently running 2.2.*
(different releases on different machines) and I do run suid scipts in
perl. But as I said I do have to use the 'suidperl' binary instead of
the 'perl' binary, but by using it, it works fine for suid scripts. I
run several scripts suid root, but none of them are _shell_ scripts,
they are all perl scripts.
Can you tell me what page you are looking at in the Camel book? The
only mention I can remember (and could find when I just looked) is
mention of the suidperl binary. Is this the wrapper of which you speak?
>
> However, if you have a workaround, I would be most interested in seeing
> how you do it.
for perl, or shell scripts?
--
%_=split';','2e;hac;40;not;64;ju;66; Perl ;68;st a;6f;ker;75;her';
print map $_{unpack "H2",$_}, split //,
'madhat at unspecific.com'
# aka Lee Heath, but don't tell anyone.
More information about the Discuss
mailing list