Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Pel Wrapper Program
- Thread starter jdhinze
- Start date
There are mechanisms to do this in Perl - but there are safeguards that try and make it safe as well.<br>
<br>
I'm not comfortable explaining - in detail - how to do this in a public forum but start by looking at:<br>
<br>
1) Perl has to have been installed to allow this; if you're using v4 look for "taintperl" in the documentation.<br>
2) Get the Camel book.<br>
3) Unless you're using AIX it might be worthwhile looking at setuid scripts.<br>
<br>
Perl is a *good* mechanism for doing this kind of work because of all the checks it does.<br>
<br>
Regards<br>
<br>
Mike<br>
---<br>
Mike_Lacey@Cargill.Com<br>
<br>
I'm not comfortable explaining - in detail - how to do this in a public forum but start by looking at:<br>
<br>
1) Perl has to have been installed to allow this; if you're using v4 look for "taintperl" in the documentation.<br>
2) Get the Camel book.<br>
3) Unless you're using AIX it might be worthwhile looking at setuid scripts.<br>
<br>
Perl is a *good* mechanism for doing this kind of work because of all the checks it does.<br>
<br>
Regards<br>
<br>
Mike<br>
---<br>
Mike_Lacey@Cargill.Com<br>
I agree with Mike, although I'm always nervous of scripting things that run as root... What if I somehow put a problem in that ended up doing something as disastrous as "rm -fr /" as while I was root...<br>
<br>
Preferably, ditch perl altogether and look at sudo. This let's normal users run programs as root by supplying their own login password.<br>
<br>
Sudo has a configuration file that defines which users can run which programs. So, if a user's account became compromised you would not have a wide open system.<br>
<br>
You could then set up your perl script owned and executable by root only, and have access to it controlled by sudo. Another advantage of this would be that the program would only be available to users authorised by sudo, and not to eceryone who could access it.<br>
<br>
Can't remember the URL for sudo, but a search on your local SunSite should bring back plenty of hits.
<br>
Preferably, ditch perl altogether and look at sudo. This let's normal users run programs as root by supplying their own login password.<br>
<br>
Sudo has a configuration file that defines which users can run which programs. So, if a user's account became compromised you would not have a wide open system.<br>
<br>
You could then set up your perl script owned and executable by root only, and have access to it controlled by sudo. Another advantage of this would be that the program would only be available to users authorised by sudo, and not to eceryone who could access it.<br>
<br>
Can't remember the URL for sudo, but a search on your local SunSite should bring back plenty of hits.
- Status