Perl security question/RFC
Madison Kelly
linux-5ZoueyuiTZhBDgjK7y7TUQ at public.gmane.org
Wed Jul 19 16:26:24 UTC 2006
Hi all,
I decided a little while ago to start from scratch with my backup
program. I learned to code by writing the old code (so you can
imagine the horrors that lie in the source!). A benefit of this blank
slate is getting a chance to re-evaluate how things are done.
So then, my question is, what is the most secure, *reasonable* way to
let a perl program execute commands as root?
Simple enough, no? :p
My current "best idea" is to use the trusty setuid C-wrapper to call
a perl script owned by root with 0500 permissions. I'd have the
unprivileged web-based perl script (run from a dedicated webserver) call
the setuid C-wrapper with a set of command line switches. Have those
command line switches passed on to the root-owned perl script which in
turn does dirty work (like un/mount devices and such).
A few things I'll do:
- Compile the full path to the root-owned perl script at install time.
- Have the root-owned perl script only execute certain commands under
certain conditions (ie: only un/mount partitions under a certain directory).
- Set the C-wrapper to be owned by root:<dedicated_user> and have the
permissions 4550.
Comments? Suggestions? Problems? Possible weaknesses?
Thanks all!!
Madison
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
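A sketch of the setuid wrapper design described in the message above, as an added example that is not part of the original post or the author's code. The helper path, the perl path, the argument limits and the character allow-list are assumptions chosen for illustration; the root-owned script is still expected to do its own checks (such as only un/mounting under one directory).

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Assumed install-time constants (placeholders, not from the post). */
#define PERL_PATH   "/usr/bin/perl"
#define HELPER_PATH "/usr/local/libexec/backup-helper.pl"
#define MAX_ARGS    8
#define MAX_ARG_LEN 128

/* Accept only short switches/paths built from a conservative character set. */
int arg_is_safe(const char *a)
{
    static const char ok[] = "abcdefghijklmnopqrstuvwxyz"
                             "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-=/.";
    size_t n = strlen(a);
    if (n == 0 || n > MAX_ARG_LEN) return 0;
    if (strspn(a, ok) != n) return 0;   /* rejects spaces, quotes, ; | & $ ` */
    if (strstr(a, "..")) return 0;      /* no directory traversal */
    return 1;
}

/* Returns 1 only if there is at least one argument and all of them pass. */
int args_are_safe(int argc, char *const argv[])
{
    if (argc < 2 || argc - 1 > MAX_ARGS) return 0;
    for (int i = 1; i < argc; i++)
        if (!arg_is_safe(argv[i])) return 0;
    return 1;
}

int main(int argc, char *argv[])
{
    /* Fixed, minimal environment: nothing is inherited from the web process. */
    char *const envp[] = { "PATH=/usr/sbin:/usr/bin:/sbin:/bin", NULL };
    /* Absolute interpreter and script paths; -T turns on perl taint mode. */
    char *child[MAX_ARGS + 4] = { PERL_PATH, "-T", HELPER_PATH };
    int n = 3;

    if (!args_are_safe(argc, argv)) {
        fputs("wrapper: rejected arguments\n", stderr);
        return 2;
    }
    for (int i = 1; i < argc; i++) child[n++] = argv[i];
    child[n] = NULL;
    /* Assumption: the helper needs real uid 0, which mount(8) checks. */
    if (setuid(geteuid()) != 0) { perror("setuid"); return 1; }
    execve(PERL_PATH, child, envp);     /* no shell, no PATH lookup */
    perror("execve");
    return 1;
}
```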