Run suid Perl scripts under Apache without suidperl using a really simple C wrapper

If Perl was installed on your computer without the ‘suidperl’ program, you can’t run suid Perl script.
One situation may be when you want to use your nifty administrative Perl tool from a web interface, i.e. run a script which requires root access.
Anyhow, your Apache server runs as user ‘http’ or ‘nobody’, which makes it impossible to use the Perl script with ‘suidperl’ missing.
Here is where we will use the C wrapper (calm down, you don’t need any C knowledge at all):
Assume that your Perl script is installed as ‘http://www.yourweb.com/cgi-bin/yourniftytool.pl’, but it doesn’t work very well… 🙁

Create yourniftytool.c:

/*
 *
 * Compile via "cc -o yourniftytool yourniftytool.c"
 * and install as ./yourniftytool.
 * chown root:wheel ./yourniftytool
 * chmod 4755 ./yourniftytool
 * chown root:wheel ./yourniftytool.pl
 * chmod 0755 ./yourniftytool.pl
 *
 */
#define REAL_PATH "./yourniftytool.pl"
main(ac, av)
     char **av;
{
  execv(REAL_PATH, av);
}

Compile as

cc -o yourniftytool yourniftytool.c

Set permissions as follows:

chown root:wheel ./yourniftytool
chmod 4755 ./yourniftytool
chown root:wheel ./yourniftytool.pl
chmod 0755 ./yourniftytool.pl

Now you access the C wrapper as ‘http://www.yourweb.com/cgi-bin/yourniftytool’, which just calls ‘yourniftytool.pl’ with the suid flag set.
That’s it!

NOTE:
If you didn’t consider the SUID requirements for Perl scripts already, here is a hint what to put at the beginning of ‘yourniftytool.pl’:

# Required for SUID programs
#----------------------------------------
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};
$ENV{'PATH'}='/bin:/usr/bin';
#----------------------------------------

via Red Antigua – Run suid Perl scripts under Apache without suidperl using a really simple C wrapper.

Bad Behavior has blocked 295 access attempts in the last 7 days.