Running $ORIGIN linked binaries from setuid scripts on linux
Posted
by
drscroogemcduck
on Server Fault
See other posts from Server Fault
or by drscroogemcduck
Published on 2010-04-22T12:28:54Z
Indexed on
2012/09/03
15:40 UTC
Read the original article
Hit count: 279
linux
I'm using suidperl to run some programs that require root permissions. however, the runtime linker won't expand library paths which contain $ORIGIN entries so the programs i want to run (jstack from java) won't run.
There is one exception to the advice to make heavy use of $ORIGIN. The runtime linker will not expand tokens like $ORIGIN for secure (setuid) applications. This should not be a problem in the vast majority of cases.
my program looks something like this:
#!/usr/bin/perl
$ENV{PATH} = "/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/java/jdk1.6.0_12/bin:/root/bin";
$ENV{JAVA_HOME} = "/usr/java/jdk1.6.0_12";
open(FILE, '/var/run/kil.pid');
$pid = <FILE>;
close(FILE);
chomp($pid);
if ($pid =~ /^(\d+)/) {
$pid = $1;
} else {
die 'nopid';
}
system( "/usr/java/jdk1.6.0_12/bin/jstack", "$pid");
is there any way to fork off a child process in a way so that the linker will work correctly.
© Server Fault or respective owner