pavement

Perl setuid

From FreeBSDwiki
Revision as of 06:46, 25 February 2006 by Jimbo (Talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

first, you need to recompile perl:

# cd /usr/ports/lang/perl5.8 && make -DENABLE_SUIDPERL="YES" install clean

then you have to make sure your script is chmodded setuid:

# chmod 4755+s ./myscript.pl

and the ridiculously undocumented part - it still isn't going to "just run setuid." you have to change your uid within your perl code, something like this.

my $real_user_id       = $<; # Grab all the original values
my $effective_user_id  = $>; # so we can reset everything 
my $real_group_id      = $(; # when we are done with root access
my $effective_group_id = $); # 
$<=$>=0;                     # 0 is almost always OWNER root
$(=$)=0;                     # 0 is almost always GROUP wheel
#
# ...SOME PERL CODE...
#
$< = $real_user_id;          # Set everything back to original
$> = $effective_user_id;     # values.
$( = $real_group_id;         # 
$) = $effective_group_id;    # 

Of course the neat thing there is that you can easily bounce back and forth between uids.

Personal tools