Chinaunix首页 | 论坛 | 博客
  • 博客访问: 1143629
  • 博文数量: 53
  • 博客积分: 10025
  • 博客等级: 上将
  • 技术积分: 1640
  • 用 户 组: 普通用户
  • 注册时间: 2007-06-15 17:05
文章分类

全部博文(53)

文章存档

2011年(1)

2010年(3)

2009年(25)

2008年(24)

我的朋友

分类:

2008-04-28 17:48:20


   Perl 编写了一个系统的服务程序(见文章 另类的 Linux在线文本打印和基于 Perl的 Web Service ),开机时候利用 rc.d启动,但是运行时刻都是 root权限,对于脚本程序,比起二进制的ELF文件,毕竟更怕些,嘻,因为比较容易暴露源代码…

    为了保障运行的稳定性,也让系统更稳定一些,我们需要类似 setuid之类的函数,在不需要特权的时候,以一个伪用户权限运行。

    Perl 在处理这权限,用 $< 和 $>,如下:


$< The real uid of this process. (Mnemonic: it's the uid you came
        *from*, if you'
re running setuid.) You can change both the real
        uid and the effective uid at the same time by using
        POSIX::setuid(). Since changes to $< require a system call,
        check $! after a change attempt to detect any possible errors.

$> The effective uid of this process. Example:

            $< = $>; # set real to effective uid

            ($<,$>) = ($>,$<); # swap real and effective uid


        You can change both the effective uid and the real uid at the
        same time by using POSIX::setuid(). Changes to $> require a
        check to $! to detect any possible errors after an attempted
        change.

        (Mnemonic: it's the uid you went *to*, if you're running
        setuid.) $< and $> can be swapped only on machines supporting
        setreuid().


    简单的 $< 用法如下:

#!/usr/bin/perl

$
> = 0;
system "whoami";

$
> = 1000;
system "whoami";

$
> = 0;
system "whoami";



    运行效果如下:


# ./test.pl
root
dorainm
root

#

阅读(2558) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~