Recent Changes - Search:



My journals will take the place of a blog. They have moved to

Sites I take responsibility for






Places I frequent



Items for sale:


edit SideBar


Include our styles below Infobox - invoke as >>infobox<< ... >><<

Codebox: - invoke as >>codebox<< ... >><<

warnbox: - invoke as >>codebox<< ... >><<

editingbox: - invoke as >>codebox<< ... >><<

noticebox: - invoke as >>codebox<< ... >><<

Page bread crumbs:

Pages by tags: (:listtags:)
Subscribe to this wiki: RSS Feed RSS or subscribe to this page for changes: RSS Feed RSS
496 articles have been published so far. Recent changes
(:addThis btn="custom":)

I assuming here you already know what SUID does for you when set. If not go read

In Linux (since the beginning) SUID only works on executable programs and not shell scripts. The exception is Perl scripts.

Running Perl scripts as SUID:

When a perl script runs setuid or setgid, taint checking is turned on. Check perlsec for an explanation. This is required reading for running scripts as SUID. One thing taint mode does, is complain loudly when you did not set your PATH explicitly in your script.

(:code header=Output from make install lang=Bash wrap=80:) $ sudo chmod 4755 $ ./ Insecure $ENV{PATH} while running setuid at ./ line 10. (:codeend:)

This is the Insecure $ENV{PATH} while running setuid at ./ line 15. message. To get rid of this message, you need to set your path explicitly in your script, and set it so that <b>no</b> directory in that path is writable by others than it's owner and group. The easiest way to do this is to simply clear PATH ($ENV{'PATH'}='';) and call all external commands with their full path specified. A quick example:

(:code header=Output from make install lang=Perl wrap=80:) $ perl -Te 'system("/bin/echo", "Camels have fleas");' Insecure $ENV{PATH} while running with -T switch at -e line 1. $ perl -Te '$ENV{PATH}="";system("/bin/echo", "Camels have fleas");' Camels have fleas (:codeend:)

Kevin's Public Wiki maintained and created by Kevin P. Inscoe is licensed under a
Creative Commons Attribution 3.0 United States License.

Back to my web site -

Edit - History - Print - Recent Changes - Search
Page last modified on September 16, 2013, at 03:10 PM EST