Thanks a lot Jason for your help. OK, now I understand a bit about the '#!' line. But, one more problem:
If my PERL script is a CGI script and set with SUID, it would not be able to write to any file even though it has the WRITE permission. Why is that? Any solution? Sorry, I've been asking too much because I'm pretty new to PERL. I've scanned through perlsec as you told. It was useful but did not mention about the CGI SUID script. David ----- Original Message ----- From: Jason L Tibbitts III <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, November 19, 2001 11:36 PM Subject: Re: Setting SUID for a PERL Script on RH? > >>>>> "DNO" == David N Olaf <[EMAIL PROTECTED]> writes: > > DNO> Before I did that, the syntax was OK. However, after I issued the > DNO> above command, and did 'perl -c tst.pl' again, it now said: > > DNO> "Args must match #! line at tst.pl line 1." > > The #! line isn't "/usr/bin/perl -c", is it? Then the args don't > match. You shouldn't try to use setuid scripts anyway, but if you > insist then you must put up with the additional security checks that > Perl imposes. Making sure that you use the same arguments when you > call perl with your script and when you invoke the script directly is > one of them. > > The perlsec manpage has useful information about this. It even > includes this: > > Switches On the "#!" Line > > When you make a script executable, in order to make it usable > as a command, the system will pass switches to perl from the > script's #! line. Perl checks that any command line switches > given to a setuid (or setgid) script actually match the ones > set on the #! line. Some Unix and Unix-like environments > impose a one-switch limit on the #! line, so you may need to > use some thing like `-wU' instead of `-w -U' under such > systems. (This issue should arise only in Unix or Unix-like > environments that support #! and setuid or setgid scripts.) > > You really should read "man perlsec". > > - J< > > > > _______________________________________________ > Seawolf-list mailing list > [EMAIL PROTECTED] > https://listman.redhat.com/mailman/listinfo/seawolf-list _______________________________________________ Seawolf-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/seawolf-list
