Perl security question/RFC

Madison Kelly linux-5ZoueyuiTZhBDgjK7y7TUQ at public.gmane.org
Wed Jul 19 16:26:24 UTC 2006


Hi all,

   I decided a little while ago to start from scratch with my backup 
program. The old code, which I learned to code by writing (so you can 
imagine the horrors that lie in the source!). A benefit of this blank 
slate is getting a chance to re-evaluate how things are done.

   So then, my question is, what is the most secure, *reasonable* way to 
let a perl program execute commands as root?

   Simple enough, no? :p

   My current "best idea" is to use the trusty setuid C-wrapper to call 
a perl script owned by root with 0500 permissions. I'd have the 
unprivileged web-based perl script (run from a dedicated webserver) call 
the setuid C-wrapper with a set of command line switches. Have those 
command line switches passed on the the root-owned perl script which in 
turn does dirty work (like un/mount devices and such).

   A few things I'll do:

- Compile the full path to the root-owned perl script at install time.
- Have the root-owned perl script only execute certain commands under 
certain conditions (ie: only un/mount partitions under a certain directory).
- Set the C-wrapper to be owned by root:<dedicated_user> and have the 
permissions 4550.

   Comments? Suggestions? Problems? Possible weaknesses?

   Thanks all!!

Madison
--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml





More information about the Legacy mailing list