Re: Authorization - Perl as helper tool vs. SUID
Re: Authorization - Perl as helper tool vs. SUID
- Subject: Re: Authorization - Perl as helper tool vs. SUID
- From: Bob Ippolito <email@hidden>
- Date: Mon, 10 Jan 2005 17:31:24 -0500
On Jan 10, 2005, at 17:17, Sherm Pendley wrote:
On Jan 10, 2005, at 4:22 PM, Nick Zitzmann wrote:
I don't think that will work. The Perl script will not run because
Perl will not execute the script when the privileges are elevated but
the UID is not root.
Hmmm... that would complicate things. But I'm not certain it's true -
I don't know of any such checks in Perl. Nothing personal, but I think
I'll run a few tests to verify this... :-)
Here is a solution that does work:
<http://www.cocoabuilder.com/archive/message/2003/8/17/93439>
That's the same workaround I referred to, that's suggested by Perl's
security pages as well. It's certainly the way to go if the suid bit
absolutely, positively *must* be set. What I'm trying to determine is
if the suid bit is truly a must-have, or merely a matter of
convenience.
The suid bit is merely a matter of convenience, so that it is not
necessary to authorize every time. In my Python wrappers for
Authorization <http://undefined.org/python/#Authorization>, I didn't
need to ever fiddle with the suid bit. In fact, in the examples
<http://svn.red-bean.com/bob/Authorization/trunk/test/>, I just write
out the authorized script on the fly and trash it after run.
-bob
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden