NAME
Unix::SavedIDs - interface to unix saved id commands: getresuid(),
getresgid(), setresuid() and setresgid()
SYNOPSIS
use Unix::SavedIDs;
my($ruid,$euid,$suid) = getresuid();
setresuid(10,10,10);
STATUS
This is alpha code. I'm going to be using it a lot in production and
once I'm comfortable that it's working well I'll up the version number
to 1.0 and call it a production release.
DESCRIPTION
This module is a simple interface to the c routines with the same names.
If you want to drop root privileges, see Unix::SetUser. This provides a
simple interface, uses Unix::SavedIDs to handle saved ids, handles
supplemental groups and generally makes dropping root privileges easy
and secure.
If you want to drop root privileges, use Unix::SetUser or this module,
Unix::SavedIDs. Seriously.
$<, $>, $(, $) and the POSIX setuid(),seteuid etc... functions give you
access to the real uid/gid (ruid/rgid) and effective uid/gid
(*euid*/*egid*), but there was no way to get or set the saved uid/gid
(*suid*/*sgid*).
WHY THIS MATTERS
# start as root
die if $> != 0;
# I think this should drop root
$( = 50;
$) = "50 50";
$> = 50;
$< = 50;
# Make sure I dropped root
print "\$< = $<\n";
print "\$> = $>\n";
# I really dropped root, right?
# So, I can't possibly switch back.
$< = 0;
$> = 0;
print "\$< = $<\n";
print "\$> = $>\n";
# oh crap....
The effective user id changed back to root. If someone cracks your
script, they can get root.
FUNCTIONS
getresuid()
returns a list of 3 elements, the current *ruid*, *euid* and *suid* or
croaks on failure.
getresgid()
returns a list of 3 elements, the current *rgid*, *egid* and *sgid* or
croaks on failure.
setresuid(*ruid*,*euid*,*suid*)
Sets the current *ruid*, *euid* and *suid* or croaks on failure.
Any arguments which are unset,undef or -1 tells setresuid to leave that
value unchanged. E.G.
setresuid(500);
setresuid(500,undef,undef);
setresuid(500,-1,-1);
... all will set the *ruid* to 500 and leave the *euid* and *suid* alone
and:
setresuid(undef,undef,500)
... will set your *suid* to 500 and leave your *ruid* and *euid*
unchanged.
setresgid behaves in the same way.
setresgid(*rgid*,*egid*,*sgid*)
Sets the current *rgid*, *egid* and *sgid* or croaks on failure.
Please see setresuid() above to see how to leave an id unchanged.
ACKNOWLEDGMENTS
I recently discovered Proc::UID by Paul Fenwick. It does everything that
this module does plus more. Sadly, its unmaintained since 2004 and the
author specifically states that it is not for production code.
BUGS AND LIMITATIONS
Installer doesn't check directly for saved ids. Instead it assumes
anything non posix won't do saved ids. That isn't necessarily true.
I only have Linux and OpenBSD systems to test on, so I have no idea how
it might work on other operating systems. If you run a different OS,
please let me know how this module works in your environment.
Please report any bugs or feature requests to
"
[email protected]", or through the web interface at
<
http://rt.cpan.org>.
AUTHOR
Dylan Martin "<
[email protected]>"
LICENSE AND COPYRIGHT
Copyright (c) 2008, Dylan Martin & Seattle Central Community College
"<
[email protected]>".
Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
DISCLAIMER
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
