Seems like a good solution, I will give it a try.
If Linux does not honor the setuid bit, then how come there are perl man
pages about how to write safe setuid scripts in perl? like perldoc
perlsec.
Spencer
On Monday 10 February 2003 02:11 am, Jason Smith wrote:
> On Monday 10 February 2003 02:57 pm, Doc wrote:
> > Linux rightly refuses to honor the setuid bit on a shell script. As
> > far as I know, there's no way to get around that by setting
> > permissions.
>
> Hmm. Neither do I, but I would suggest sudo.
>
> I just did a test with it, off the top of my head. I created this
> /tmp/test.pl (normal file, mode 0755):
> #!/usr/bin/perl -w
>
> $sudo = '/usr/bin/sudo';
>
> if( $> != 0 ) {
> # Not root
> exec $sudo, $0, @ARGV;
> }
>
> print "\$> is $>\n";
> print "\$< is $<\n";
>
> Then I added this to /etc/sudoers:
> %users ALL = NOPASSWD: /tmp/test.pl
>
> The great thing about sudo, unlike setuid root scripts is that you get a
> message in your syslog every time something happens. So if everything
> crashes and you suspect foul play, go look for the last guy who ran your
> script.
>
> Two things about the above idea:
> 1) $> and $< end up both being 0
> 2) I just made that sudoers change from a quick glance at the man page
> so double-check to make sure it's valid on your system.
>
> HTH,
_______________________________________________
Siglinux mailing list
[EMAIL PROTECTED]
http://www.utacm.org/mailman/listinfo/siglinux
