This is part of The Pile, a partial archive of some open source mailing lists and newsgroups.
Subject: Re: how to suid a perl script From: "Steve \"Stevers!\" Coile" <scoile@redhat.com> Date: Mon, 24 May 1999 17:14:33 -0400 (EDT) On Mon, 24 May 1999, Igmar Palsenberg wrote: [...] >Suid'ing a script doesn't make sense. It spawn a program that interprets >that script (in this case perl) and and then the script runs. > >A suid script doesn't mean anything to the system. > >In you case, you must make perl suid root, but be sure that you only >let that suid perl run bu authorized users, else then can do anything >with the system they like. NO!!! Very bad! Do not take this suggestion, as the "perl" binary is not designed to be set-UID. Perl is, however, specially designed to handle set-UID Perl scripts. Even if the operating system doesn't handle set-UID scripts, Perl checks the permissions of the script. If the script is set-UID, Perl will reinvoke itself via "suidperl". The "suidperl" utility *is* set-UID, and will respect the settings of the original script. The point to take, though, is that Perl is smart enough to do this all itself. You don't need to (and in fact shouldn't) invoke "suidperl" directly. ===