l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2003 May 05 11:38

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Running a suid root perl script
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Running a suid root perl script

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, May 03, 2003 at 08:08:45AM -0700, Ken Herron wrote:
> --On Saturday, May 03, 2003 07:34:01 AM -0700 Henry House=20
> <hajhouse@houseag.com> wrote:
> >I created suid.pl as
> >
> >	#!/usr/bin/sperl5.8.0 -T
> >	print $ENV{"USER"}."\n";
> USER is just a string in the process's environment. It isn't=20
> automatically updated when you run a setuid program. Try having the perl=
> script print its real and effective UIDs, or create a file and see what=
> ID owns it.

  Ken is right about the "USER" environment variable not changing... the
environment is independent of the process permissions.

Seems to work here...=20

msimons@moria:~$ cat s
#! /usr/bin/sperl5.6.1 -w

print "$<, $>, $(, $)\n";

unlink "s.test";
open FILE, "> s.test";
close FILE;
msimons@moria:~$ ls -l s
-r-sr-xr-x    1 root     msimons       106 May  5 14:29 s
msimons@moria:~$ ./s
1000, 0, 1000 33 4 1000, 1000 33 4 1000
msimons@moria:~$ ls -l s.test
-rw-r--r--    1 root     msimons         0 May  5 14:29 s.test

GPG key: http://simons-clan.com/~msimons/gpg/msimons.asc
Fingerprint: 524D A726 77CB 62C9 4D56  8109 E10C 249F B7FA ACBE

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org


vox-tech mailing list

LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!