Beefy Boxes and Bandwidth Generously Provided by pair Networks
Keep It Simple, Stupid
 
PerlMonks  

Re^6: creating a secure environment for perl scripts to run

by afoken (Chancellor)
on Feb 03, 2022 at 16:47 UTC ( [id://11141109]=note: print w/replies, xml ) Need Help??


in reply to Re^5: creating a secure environment for perl scripts to run
in thread creating a secure environment for perl scripts to run

Just be aware that su can also be used by root to downgrade to other users on occasion.

That can also be done by sudo:

/root>sudo -u nobody whoami
nobody

/root>

[download]

Add -i to get an interactive shell, if possible. Note that the nobody account is intentionally configured to have an invalid home directory and an invalid login shell, so you won't get an interactive shell as nobody.

/root>sudo -u nobody -i
sudo: unable to change directory to /nonexistent: No such file or dire
+ctory
sudo: unable to execute /usr/sbin/nologin: No such file or directory

/root>sudo -u alex -i

/home/alex>whoami
alex

/home/alex>exit
logout

/root>

[download]

Alexander

--
Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)

Replies are listed 'Best First'.
Re^7: creating a secure environment for perl scripts to run
by hippo (Bishop) on Feb 03, 2022 at 17:03 UTC
    That can also be done by sudo

    Absolutely so. The reason for my caution in removing su was more that other subsystems/applications might be using it behind the scenes to achieve this and if you remove su then those processes might fail.

    🦛

[reply]
[d/l]
[select]

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://11141109]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others romping around the Monastery: (6)
As of 2024-04-23 23:56 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found