Michael Peppler
Sybase Consulting
Sybase on Linux
Install Guide for Sybase on Linux
General Sybase Resources
General Perl Resources
BCP Tool
Bug Tracker
Mailing List Archive
Downloads Directory
Sybase on Linux FAQ
Sybperl FAQ
Michael Peppler's resume

sybperl-l Archive

Up    Prev    Next    

From: Rakesh Dinger <dinger_rakesh at jpmorgan dot com>
Subject: Re: Executing suid scripts
Date: Nov 1 2002 2:22PM

I tried the second approach....creating softlinks in /usr/lib....

it works now...

Thanks Mike



> Rakesh Dinger writes:
>  > Hi, am running into a problem running a sybperl script with the user setid bit 
>  > on.
>  > 
>  > The script has to be run with the user setid bit on. The permissions are 4711:
>  > 
>  > [2] ls -al
>  > -rws--x--x   1 sybase   sybase       575 Oct 31 11:54
>  > 
>  > When I try to execute this script as another user, I get the following:
>  > 
>  > pm_repo46@hrdev:[1] /home/sybase/
>  > Can't load '/usr/local/perl/' for module Sybase::DBlib: /usr/local/bin/perl: fatal: open failed: No such file or directory at /usr/local/perl/ line 140.
>  >  
> This is Unix's closing a potential security hole. The problem
> here is that you could replace with another file where,
> say, dblogin() does somethign completely different, and then use
> LD_LIBRARY_PATH to get your script to load this other library, and
> execute as 'sybase' (or root, or whatever).
> So you need to either make sure that the file has the correct
> path to the Sybase library files encoded (you can check this with ldd
> while LD_LIBRARY_PATH is unset) *or* create softlinks in /usr/lib to
> the Sybase libraries.
> Michael
> -- 
> Michael Peppler - Data Migrations Inc. -
> - AIM MPpplr
> International Sybase User Group -
> Sybase on Linux mailing list: