Perl and Suid
I spent all morning trying to figure out why my Perl script wasn't working as SUID. I'm using Net::Ping which, if you want to make an ICMP ping packet, requires you to be root. So I made the script setuid but it was still complaining that it wasn't root. So I did some research and found this:
Setuid Scripts Don't Seem to Work
That's right. This feature has been disabled in the Linux kernel on purpose, because setuid scripts are almost always a security hole. Sudo and SuidPerl can provide more security than setuid scripts or binaries, especially if execute permissions are limited to a certain user ID or group ID.
If you want to know why setuid scripts are a security hole, read the FAQ for comp.unix.questions.
So I just ended up using suidperl. Funky stuff!
Setuid Scripts Don't Seem to Work
That's right. This feature has been disabled in the Linux kernel on purpose, because setuid scripts are almost always a security hole. Sudo and SuidPerl can provide more security than setuid scripts or binaries, especially if execute permissions are limited to a certain user ID or group ID.
If you want to know why setuid scripts are a security hole, read the FAQ for comp.unix.questions.
So I just ended up using suidperl. Funky stuff!