PERL Beginners - perl script load module as root ?

Author

perl script load module as root ?

Michael Gale

2006-10-23, 9:57 pm

Hello,

I have a perl module that updates iptables using the IPTables::IPv4
module.

Now currently we have a service that runs as a non-root user and we
would like to plug our perl module into this service so the server can
change iptable rules.

However to use the IPTables::IPv4 module I believe you need to be root ?
Is there a way that perl can load a module as root ? or somehow sudo
with in it self to use the module ?

Thanks

--
Michael Gale

Red Hat Certified Engineer
Network Administrator
Pason Systems Corp.

Tom Phoenix

2006-10-23, 9:57 pm

On 10/23/06, Michael Gale <michael.gale@pason.com> wrote:

> Is there a way that perl can load a module as root ? or somehow sudo
> with in it self to use the module ?

Not like you're thinking. Sorry.

One way around the problem is to make a privileged daemon which can
update the tables (or whatever is needed), and a non-privileged
program which can tell the daemon what to do.

Of course, when anything is running as root, the usual warnings about
security risks apply. And you'll need a way to ensure that the daemon
does the right thing, even if a (malicious?) user wants to tell it
otherwise.

It doesn't have to be a daemon, in fact; an ordinary set-id program
may be enough, especially if the requests are infrequent. But the same
security worries apply.

Good luck with it!

--Tom Phoenix
Stonehenge Perl Training

Sponsored Links