[index] [text page] [<<start] [<prev] [next>] [last>>]
Page 43: Suidperl

Page 43

  
  Suidperl
  Perl can be run with suid (set user id) permissions using /usr/bin/suidperl.
  Automatically enables taint mode.
  Script must have suid bit set
  /usr/bin/suidperl is suid root, but changes e[ug]id to file's settings.
  Be sure to do as little with the increased priviliges!
    open INPUT, "<",  $file1;
    open OUTPUT, ">",  $output;
    # drop privileges asap
    use ENGLISH
    $EGID = $GID;   # set effective to real group id
    $EUID = $UID;   # set effective to real user id
    # use INPUT and OUTPUT as necessary.

Copyright 2003, Bri Hatch of Onsight, Inc.

Presented at SPUG, 2003.

Presentation created using vim and MagicPoint.