geoffleach has asked for the wisdom of the Perl Monks concerning the following question:

I have a script that manages USB devices. It needs to mount/umount the device. To do this, the script needs to be run suid, generally a bad thing. If I'm prepared to accept the security problem, is there a better (cleaner) way to achieve this?

Thanks.

Replies are listed 'Best First'.
Re: mounting device from a script
by jo37 (Curate) on Jun 06, 2021 at 21:13 UTC

    Your question does not seem to be related to Perl in any way.

    You may add an udev rule the assigns the device(s) in question to a specific group and then run the script setgid to this group.

    EDIT:
    and then add an appropriate entry in /etc/fstab to allow a user-mount.

    Greetings,
    -jo

    $gryYup$d0ylprbpriprrYpkJl2xyl~rzg??P~5lp2hyl0p$
[reply]
Re: mounting device from a script
by hippo (Archbishop) on Jun 06, 2021 at 21:13 UTC

    Have you read perlsec? There is plenty of wisdom there regarding running with elevated privileges.

    [my script] needs to mount/umount the device

    How does it do this? If it shells out, you can just run mount/umount with sudo and then your script won't need any elevated privileges in the first place.

    🦛

[reply]
Re: mounting device from a script
by Corion (Patriarch) on Jun 07, 2021 at 06:01 UTC

    If the user in general can mount devices, you can (on Gnome-ish Linux systems, but also on my LXQt-based system), use the gio command to mount and unmount devices programmatically. See system

[reply]
Re: mounting device from a script
by cavac (Prior) on Jun 09, 2021 at 13:20 UTC

    Is this a Perl script? If so, please post a minimal version of it. If it's not a Perl script, you'll probably find better advice over at stackexchange or Reddit.

    perl -e 'use Crypt::Digest::SHA256 qw[sha256_hex]; print substr(sha256_hex("the Answer To Life, The Universe And Everything"), 6, 2), "\n";'
[reply]
[d/l]

Back to Seekers of Perl Wisdom