Need Help w/ reading file

Status
Not open for further replies.

maunir

MIS
Apr 30, 2002
62
US
I have a program running as bin, and I want to read a file that's owned by root on a different server. The script works when I run it as root, and it does what it is supposed to do. But as soon as I run the program as bin, it gets permission denied.
What I want to do is change my script to act as root when I'm logged in as bin. Any ideas will be appreciated.
 
What you are looking for is to run the script setuid to root. WARNING: It is extremely dangerous to run perl setuid. There are various vulnerabilities in the setuid versions of perl and it may be removed shortly.

First evaluate if there is any other way to read the file. Can the file be read by a group that bin might be in or added to?

Your best bet is to write a small, tightly controlled setuid C program that will read the file for you and do nothing else. I love perl but setuid (especially to root) is not something I trust it to do.

If you must, you need to use suidperl. The requirements are extremely tight to use it. Sorry I'm not more help but I don't feel comfortable explaining how to use suidperl. Unless you are extremely careful about security, you might as well remove root's password and let everyone play on your box.

I hope I've gotten across how unwise it is to run perl setuid.
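
The "small, tightly controlled setuid C program" suggested in the reply above could look like the sketch below. It is an added example, not part of the original thread: the path `/var/log/example.log` is a placeholder, and the binary is assumed to be installed owned by root with the setuid bit set and executable only by the intended group.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Placeholder: the single root-owned file this helper may expose. */
#define TARGET_PATH "/var/log/example.log"

/* Open path read-only; refuse symlinks and anything but a regular file. */
static int open_regular(const char *path) {
    struct stat st;
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0) return -1;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) { close(fd); return -1; }
    return fd;
}

/* Permanently return to the invoking user's ids; 0 only if that is verified. */
static int drop_privileges(void) {
    uid_t ruid = getuid();
    gid_t rgid = getgid();
    if (setgid(rgid) != 0 || setuid(ruid) != 0) return -1;
    if (ruid != 0 && setuid(0) == 0) return -1;   /* root must be unrecoverable */
    return (geteuid() == ruid && getegid() == rgid) ? 0 : -1;
}

/* Copy everything from in to out; returns bytes copied or -1 on error. */
static long copy_fd(int in, int out) {
    char buf[4096];
    long total = 0;
    ssize_t n;
    while ((n = read(in, buf, sizeof buf)) > 0) {
        for (ssize_t off = 0, w; off < n; off += w)
            if ((w = write(out, buf + off, (size_t)(n - off))) < 0) return -1;
        total += n;
    }
    return n < 0 ? -1 : total;
}

/* No argv, no environment lookups: the caller cannot choose what is read. */
int main(void) {
    int fd = open_regular(TARGET_PATH);      /* the only step that needs root */
    if (drop_privileges() != 0) return EXIT_FAILURE;
    if (fd < 0) { fputs("cannot open " TARGET_PATH "\n", stderr); return EXIT_FAILURE; }
    return copy_fd(fd, STDOUT_FILENO) < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
}
```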
 
Could you use scp to copy the file off that box, and read it locally? Is there any real reason the file has to be root?

Why not just chmod that file to 755?

HTH
Paul

It's important in life to always strike a happy medium, so if you see someone with a crystal ball, and a smile on their face ...
 
Thanks for the responses, but I've already used rcp to copy the file over. I can't change anything to that particular file. Have to leave it as it is. I'm not sure about setuid, but I'll definitely look into it, as this script will only be used by sys adm.

thanks
 
It's a NO go for setuid. Did some reading and, Usige, you are right, it is risky... thanks for the input though...
 
A bit crazy,

But it's only a log file; generate a web page based on it (its own home server) and use LWP to get the details

Check the ownership (responsibility wise) and see if they're willing to accept the risk

Just a thought

--Paul

It's important in life to always strike a happy medium, so if you see someone with a crystal ball, and a smile on their face ...
 