Friday, January 14, 2005

SetUid in Ruby, Perl, Python, Etc.

by Asim Jalis

I finally figured out how to use setuid in a Ruby CGI script so it can create and append to files using my effective uid. Incidentally, the same setuid trick should work just as well for other scripting languages such as Perl and Python. In the past I had made the directories writable by everyone, so that the web account ("nobody") could write to them. This always made me nervous. Here is the C code that fixes the UID problem: #include <unistd.h> int main(int argc, char *argv[]) { const char *script = "/foo/path/www/cgi-bin/script-rb.cgi"; execv(script, argv); } Modify the path to the script, compile to an executable called script.cgi, run chmod 6755 on the resulting executable, and it's ready to go. I have been playing with Ruby lately. The neatest thing about it is that the yield and block constructs allow you to create composable code fragments, that can be strung together, like Unix pipes.