Re: changing uid/gid in suid cgi script

To manipulate *nix uid and gid,

use POSIX qw( geteuid getuid setuid getgid getegid setgid );
[download]

See manpages POSIX.3 setuid.2 etc.

Your question is posed as if you want to make a web interface for user accounts on the server. That is a dangerous prospect. Doing it suid root is likely to be a calamity. Many nixes will not run an interpreter script suid root.

Can your project be done with https authentication instead?

After Compline,
Zaxo

Comment on Re: changing uid/gid in suid cgi script Download Code

Replies are listed 'Best First'.
Re: Re: changing uid/gid in suid cgi script by jj808 (Hermit) on Sep 06, 2001 at 11:51 UTC
> Many nixes will not run an interpreter script suid root. I had this problem with Compaq Tru64 UNIX, the fix I used was a small bit of C code (yes I know it isn't Perl :-) as follows: `#include <unistd.h> int main (int argc, char *argv[]) { execl("/path/to/yourscript.pl", "yourscript.pl", NULL); }` [download] Save this as 'wrapper.c' and compile it with `cc -o wrapper wrapper.c` [download] Set the permissions of 'wrapper' so it runs SUID root, then the EUID and EGID variables in your Perl script will be correctly set. As Zaxo said, this is dangerous, but if you really want to... (Code taken from the book 'Professional Apache' published by Wrox) Regards, JJ	[reply] [d/l] [select]

Replies are listed 'Best First'.

Re: Re: changing uid/gid in suid cgi script
by jj808 (Hermit) on Sep 06, 2001 at 11:51 UTC

I had this problem with Compaq Tru64 UNIX, the fix I used was a small bit of C code (yes I know it isn't Perl :-) as follows:

#include <unistd.h>

int main (int argc, char *argv[]) {
    execl("/path/to/yourscript.pl", "yourscript.pl", NULL);
}
[download]

cc -o wrapper wrapper.c
[download]

As Zaxo said, this is dangerous, but if you really want to...

(Code taken from the book 'Professional Apache' published by Wrox)

Regards,

[reply]
[d/l]
[select]