编写以root身份运行的perl cgi应用程序 [英] Writing a perl cgi applications which runs as root

问题描述

我正在编写一个perl cgi应用程序。在某个时间点，此cgi应用程序需要以root用户身份运行才能访问并写入特定文件。我想知道我应该怎么做以及在执行过程中应该采取的安全预防措施。

I am writing a perl cgi application. At some point of time this cgi application needs to run as root to access and write into a specific file. I would like to know how exactly I should go about doing this and the security precautions that I should take while doing it.

推荐答案

您几乎不应该这样做。

如果可以请避免，创建一个小的简单代码段，该代码段可以运行setuid root来执行该任务，仅此而已，或者使用 sudo 或类似的代码来运行一个脚本

If you can't avoid it, create a small and simple piece of code that runs with setuid root that does exactly that task and nothing more, or use sudo or similar to run a script that does just that.

为该文件提供适当的权限，以便您的网络用户可以对其进行写入（如果不需要的话，不必读取该文件）将是一个更好的选择。

Giving that file the appropriate permissions so that your web user can write to it (not necessarily read from it if that's not necessary) would be a better option.

这篇关于编写以root身份运行的perl cgi应用程序的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！