Dylan Djos Martin > Unix-SavedIDs-0.4.1 > Unix::SavedIDs

Download:
Unix-SavedIDs-0.4.1.tar.gz

Dependencies

Annotate this POD

CPAN RT

Open  1
View/Report Bugs
Module Version: 0.4.1   Source  

NAME ^

Unix::SavedIDs - interface to unix saved id commands: getresuid(), getresgid(), setresuid() and setresgid()

SYNOPSIS ^

    use Unix::SavedIDs;

        my($ruid,$euid,$suid) = getresuid();
        setresuid(10,10,10);

STATUS ^

This is alpha code. I'm going to be using it a lot in production and once I'm comfortable that it's working well I'll up the version number to 1.0 and call it a production release.

DESCRIPTION ^

This module is a simple interface to the c routines with the same names.

If you want to drop root privileges, see Unix::SetUser. This provides a simple interface, uses Unix::SavedIDs to handle saved ids, handles supplemental groups and generally makes dropping root privileges easy and secure.

If you want to drop root privileges, use Unix::SetUser or this module, Unix::SavedIDs. Seriously.

$<, $>, $(, $) and the POSIX setuid(),seteuid etc... functions give you access to the real uid/gid (ruid/rgid) and effective uid/gid (euid/egid), but there was no way to get or set the saved uid/gid (suid/sgid).

WHY THIS MATTERS ^

        # start as root
        die if $> != 0;
        # I think this should drop root 
        $( = 50;
        $) = "50 50";
        $> = 50;
        $< = 50;
        # Make sure I dropped root
        print "\$< = $<\n";
        print "\$> = $>\n";
        # I really dropped root, right?  
        # So, I can't possibly switch back.
        $< = 0;
        $> = 0;
        print "\$< = $<\n";
        print "\$> = $>\n";
        # oh crap....

The effective user id changed back to root. If someone cracks your script, they can get root.

FUNCTIONS ^

getresuid()

returns a list of 3 elements, the current ruid, euid and suid or croaks on failure.

getresgid()

returns a list of 3 elements, the current rgid, egid and sgid or croaks on failure.

setresuid(ruid,euid,suid)

Sets the current ruid, euid and suid or croaks on failure.

Any arguments which are unset,undef or -1 tells setresuid to leave that value unchanged. E.G.

  setresuid(500);
  setresuid(500,undef,undef);
  setresuid(500,-1,-1);

... all will set the ruid to 500 and leave the euid and suid alone and:

  setresuid(undef,undef,500)

... will set your suid to 500 and leave your ruid and euid unchanged.

setresgid behaves in the same way.

setresgid(rgid,egid,sgid)

Sets the current rgid, egid and sgid or croaks on failure.

Please see setresuid() above to see how to leave an id unchanged.

ACKNOWLEDGMENTS ^

I recently discovered Proc::UID by Paul Fenwick. It does everything that this module does plus more. Sadly, its unmaintained since 2004 and the author specifically states that it is not for production code.

BUGS AND LIMITATIONS ^

Installer doesn't check directly for saved ids. Instead it assumes anything non posix won't do saved ids. That isn't necessarily true.

I only have Linux and OpenBSD systems to test on, so I have no idea how it might work on other operating systems. If you run a different OS, please let me know how this module works in your environment.

Please report any bugs or feature requests to bug-unix-savedids@rt.cpan.org, or through the web interface at http://rt.cpan.org.

AUTHOR ^

Dylan Martin <dmartin@cpan.org>

LICENSE AND COPYRIGHT ^

Copyright (c) 2008, Dylan Martin & Seattle Central Community College <dmartin@cpan.org>.

Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.

DISCLAIMER ^

THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

syntax highlighting: