dear monks, i'm a quite new perl user moreover english isn't my first language... but i'll try to explain properly my problem.

well, i'm setting up a script that display html page thru a socket.

but as basic it is, it permit to go up in directories and let display dangerous data like /etc/passwd etc.. So i intended to chroot the directory to secure it .this where i'm getting trouble i tried to put such lines:

my $user="nobody"; unless ($uid =(getpwnam($user))2){ die "tentative de lancer user inexistant ou root :p\n";

and just before the treatment : chroot($docroot) or die " chroot() a échoué : $!\n"; $> = $uid ;

here is the script hope that you may help me.. 

#! /usr/bin/perl


use Socket;

#config serveur

my $docroot = "/var/www/html";
my $addr_serv ="";
my $port_serv ="34000";
my $protocole ="tcp";
my $user="nobody";

$SIG{CHLD}="IGNORE";

unless ($uid =(getpwnam($user))[2]){
        die "tentative de lancer user inexistant ou root :p\n";
        }

#definition socket
my $proto =getprotobyname ($protocole);
$proto = getprotobynumber ($protocole) unless defined ($proto);
die "Protocole : $!\n" unless (defined ($proto));

my $port = $port_serv if ($port_serv !~ /\D/);
$port = getservbyname ($port_serv, $proto) unless (defined ($port));
die "Services : $!\n" unless (defined ($port));

my $adr = gethostbyname ($addr_serv);
$adr = gethostbyaddr ($addr_serv, AF_INET ) unless (defined ($adr));
$adr = INADDR_ANY unless (defined ($adr));

socket SOCK_SRV, PF_INET, SOCK_STREAM, $proto or die "socket : $!\n";

#bind le port et l'addresse
setsockopt (SOCK_SRV , SOL_SOCKET, SO_REUSEADDR, pack ("l" , 1));
bind (SOCK_SRV, sockaddr_in ($port, $adr)) or die "bind : $!\n";
listen (SOCK_SRV, 5);

chroot('/var/www/html') or die " chroot() a échoué : $!\n"; 
    $> = $uid ;
#ouvre le père jusqu'a ctrl+C
for (;;) {
    accept SOCK, SOCK_SRV or last;
    ($port, $adr) = unpack_sockaddr_in getpeername SOCK;
    

    #fork le fils
    if (fork !=0) {
        close SOCK ;
        next;
    }
    
    

    close SOCK_SERV;
    
    
    select SOCK;
    
    $| = 1;
        
        chroot($docroot) or die " chroot() a échoué : $!\n"; 
    $> = $uid ;

    #traitement de la requete
    while (<SOCK>) {
        #ignore tt requete sauf celle précédé de GET
        last if (/^\s*$/);
        next unless ( /^GET /);
        $path = (split (/\s+/)) [1];
        # ouvre le fichier demandé
        if (open (FILE,  "$docroot$path")) {
            my @lines = <FILE>;
            foreach $l(@lines){
                print $l;
            }
        close (FILE);
        print "\n";
    }
    # ou affiche une erreur si inexistant
    else {
        print "error" ;    
    exit (0);
}
    }
            
    exit (0) ;
    
    }

[download]

In reply to chroot a directory... by Anonymous Monk

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.