When writing setuid scripts or anything that will be run in a hostile
enviroment, like CGI, it is best to turn on "Taint Checking". Make your
first line - #!/usr/bin/perl -T
'man perlsec' for details. for more perl talk, join ph-perl :)
On Sat, Mar 24, 2001 at 09:56:57AM +0800, Mark Anthony J. Mercado wrote:
>
> On Tue, 20 Mar 2001, Edsel Mabilangan wrote:
>
> > hi pluggers;
> >
> > i have this problem with a script that i have written first in a shell
> > script then rewrote in perl. but when i attached it to a cgi script it
> > would not execute or would perform. but at command prompt it does execute
> > i have chmod +s to give it SIUD or superuser properties but still no luck.
> > i am using wvdial for dialup.
> >
>
>
>
> simply giving suid root to a perl script won't work. you have to use a
> wrapper written in c that would call you perl script... this is the one
> having suid root
>
> here's a simple code to do that
>
> main(ac,av)
> int *ac;
> char **av;
> {
> execv("/path/to/your/perl/script.pl",av);
> }
>
> compile this, rename it to .cgi then use as usual.
>
> DISCLAIMER :
> cgi's with suid root are security hazards. take caution in using them.
--
http://www.internet.org.ph The Philippine Internet Resource
Mobile Voice/Messaging: +63-917-810-9728
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
