How to successfully run a Perl script using setuid () when used as cgi-bin?

Question

How to successfully run a Perl script using setuid () when used as cgi-bin?

I have a Perl script that is called either through Apache or on the command line.

For testing purposes, I pass it the username that I want to work with the Perl script with, and use it POSIX::setuidfor installation uid.

If I run the script from the command line, it uidinstalls correctly:

use CGI::Pretty qw/:standard/;
use POSIX qw(setuid getuid);

...
my ($pwName, $pwCode, $pwUid, $pwGid, $pwQuota, $pwComment, 
    $pwGcos, $pwHome, $pwLogprog) = getpwnam($username);

if ((defined $pwUid) && (getuid() == $pwUid)) {
    setuid($pwUid);
    print header;
    print Dumper $<;
}
else {
    print header(-status => 401);
    print "Could not setuid to correct uid (currently: )".getuid()."\n";
}

The command line output displays the correct one uidspecified $usernameinstead of the uidtest account in which the script is running.

If I call the script through Apache, then it uidremains the set user ID apacheand never changes.

, suExec , , :

script http://www.example.com/~username $username. script , uid script.
, script , , Apache. Apache , script, .

Perl script, cgi-bin, uid setuid()?

+3

perl apache setuid cgi-bin suexec

Alex Reynolds 14 . '11 10:19

1

Dave Sherohman · Accepted Answer · 2011-02-14T10:47:08+0000

, setuid uid, - root. [1]

, CGI, root, .

uid? , setuid?

[1] su/sudo [2] -, su/sudo , suid root / , CGI- root. root , , .

[2] sudo , , , . , , , , , .

How to successfully run a Perl script using setuid () when used as cgi-bin?

More articles: