P
Peter Michaux
I have a Perl script that I want to run as a set-user-ID program. Many
OSes don't allow scripts run as set-user-ID. To make this script
portable, it seems I need to write a C wrapper program that calls exec
or system to give the Perl script the necessary effective permissions.
How can I make the C wrapper program secure? or "more" secure?
The Perl script, which is "-rwsr-xr-x root root" will look at the real
user id and then check a permissions file that is "-rw------- root
root" to determine if the real user can carry out the subcommand to
the script.
Is it futile to attempt to solve my problem with a C wrapper program
around a Perl script? Writing this particular program all in C is
appealing from a purity point of view but I was going to be just
gluing together a bunch of command line tools like wget, chmod, tar
and a parser for YAML. Writing it all in C seems like overkill. If I
write this all in C then I suppose I need to find good libraries to
emulate all of these features.
Any suggestions?
Thanks,
Peter
OSes don't allow scripts run as set-user-ID. To make this script
portable, it seems I need to write a C wrapper program that calls exec
or system to give the Perl script the necessary effective permissions.
How can I make the C wrapper program secure? or "more" secure?
The Perl script, which is "-rwsr-xr-x root root" will look at the real
user id and then check a permissions file that is "-rw------- root
root" to determine if the real user can carry out the subcommand to
the script.
Is it futile to attempt to solve my problem with a C wrapper program
around a Perl script? Writing this particular program all in C is
appealing from a purity point of view but I was going to be just
gluing together a bunch of command line tools like wget, chmod, tar
and a parser for YAML. Writing it all in C seems like overkill. If I
write this all in C then I suppose I need to find good libraries to
emulate all of these features.
Any suggestions?
Thanks,
Peter