03-31-2006
Searching for SETUID and SETGID using PERL file find with lstat
About System and Perl: Sun Solaris 5.9 sparc, Perl 5.6.1
I've decided to use the perl file::find module to look for all the SETUID and SETGID files on my unix boxes. I wrote something like this: (I've shorted it a little to make it simple)
#!/opt/perl/bin/perl
use File::Find;
find \&wanted, "/";
sub wanted {
(($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,$atime,$mtime,$ctime,$blksize,$blocks) = lstat("$_"));
if ($mode eq "34280") {
print "Mode = $mode\n";
system "ls -dl $_\n";
}
As you can see I am making an lstat call on each file. I'm reading the mode variable on each file to determine if it's a SETUID/SETGID or both.
However, each mode seems to differ. A file that is -rwsrwsrwx might have a mode of 36351 but a file with -rwsrwsrw- might have a file mode of 37987. Maybe this isn't the best way to do this. Can someone show me a better way to do this or explain how I get a list of mode numbers in Solaris. I don't want to use the unix find because it's to damn slow. Perl file find is fast and I prefer to us it.
Thanks,
x
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
i tried to use stat to get the attributes of a file and a soft link. but the result i got from stat and lstat are the same.
say:
ln -s f1 soft1 (soft is a soft link , point to f1)
if i use > ls -il
shows the inode and modify time of soft1 and f1 are different.
but the modify... (1 Reply)
Discussion started by: gusla
1 Replies
2. UNIX for Dummies Questions & Answers
Hi,
I have been looking at setuid and setgid.
I understand that setuid determines who owns the file and setgid determines which group of people can access the file... yeah?!
But i need to know how to actually use setuid and setgid. I'm guessing chmod will feature somewhere..
Any help... (1 Reply)
Discussion started by: crispy
1 Replies
3. Shell Programming and Scripting
Hi All,
I need to search for a string in a file that I've opened and base a decision on the result. The logic is this:
"if the word 'Shared' appears on the first line then
do this on the whole file
else
do this on the whole file
"
The code I currently have isn't working:... (4 Replies)
Discussion started by: pondlife
4 Replies
4. Solaris
hi..
why we go for setuid, setgid permissions?
as a system admin ,when we use this ,except default solaris setuid,setgid files and dirs..
hopes that anyone can help me regarding this.. (1 Reply)
Discussion started by: saravananpalani
1 Replies
5. UNIX Desktop Questions & Answers
I would like to list files with setuid and setgid set up. I used the find command, but I got a lot of permission denied error. I tried to redirect the error to the hole it does not work. I used the command string below
find . -type f \( -perm -4000 -o -perm -2000 \) -exec ls {} \; 2>/dev/null... (3 Replies)
Discussion started by: Pouchie1
3 Replies
6. Shell Programming and Scripting
Hi
I would like to read a file using perl and search for a string (last entry). Then read that into an array and do further grep
File content for ex:
comp=a,value=30,runtime=12,type=lic
comp=d,value=15,runtime=2,type=lic
comp=a,value=90,runtime=43,type=lic... (1 Reply)
Discussion started by: vivek_damodaran
1 Replies
7. UNIX for Dummies Questions & Answers
While I was looking for tips for hardening the security of my MAC OSX I found the following posting:
"<How to disable Setuid and Setgid Binaries >
Setuid programs run with the privileges of the file's owner
(which is often root), no matter which user executes them.
Bugs in these programs... (6 Replies)
Discussion started by: Vera
6 Replies
8. Solaris
I have a user AAA who's who is part of a group call clserv and techsupp, His userfiles have the following permissions:-
drwxrwx--- 16 AAA clserv 1858 Aug 22 12:48 UserFiles
he has a link in his UserFiles/
lrwxrwxrwx 1 root root 36 Mar 9 2013 TECHSUPP_GLOBAL... (5 Replies)
Discussion started by: kilobyter
5 Replies
9. Shell Programming and Scripting
so im writing a script for a android system. these types of systems are not the typical unix systems.
what i need to do is basic. i have a script which I put in a directory and then zipped up the directory in a zip file. that way, when the script is unzipped, the person unzipping will see... (1 Reply)
Discussion started by: SkySmart
1 Replies
10. UNIX for Beginners Questions & Answers
Just learning about the privilege escalation method provided by setuid. Correct me if I am wrong but what it does is change the uid of the current process to whatever uid I set. Right ?
So what stops me from writing my own C program and calling setuid(0) within it and gaining root privileges ?
... (2 Replies)
Discussion started by: sreyan32
2 Replies
LEARN ABOUT CENTOS
file::stat
File::stat(3pm) Perl Programmers Reference Guide File::stat(3pm)
NAME
File::stat - by-name interface to Perl's built-in stat() functions
SYNOPSIS
use File::stat;
$st = stat($file) or die "No $file: $!";
if ( ($st->mode & 0111) && $st->nlink > 1) ) {
print "$file is executable with lotsa links
";
}
if ( -x $st ) {
print "$file is executable
";
}
use Fcntl "S_IRUSR";
if ( $st->cando(S_IRUSR, 1) ) {
print "My effective uid can read $file
";
}
use File::stat qw(:FIELDS);
stat($file) or die "No $file: $!";
if ( ($st_mode & 0111) && ($st_nlink > 1) ) {
print "$file is executable with lotsa links
";
}
DESCRIPTION
This module's default exports override the core stat() and lstat() functions, replacing them with versions that return "File::stat"
objects. This object has methods that return the similarly named structure field name from the stat(2) function; namely, dev, ino, mode,
nlink, uid, gid, rdev, size, atime, mtime, ctime, blksize, and blocks.
As of version 1.02 (provided with perl 5.12) the object provides "-X" overloading, so you can call filetest operators ("-f", "-x", and so
on) on it. It also provides a "->cando" method, called like
$st->cando( ACCESS, EFFECTIVE )
where ACCESS is one of "S_IRUSR", "S_IWUSR" or "S_IXUSR" from the Fcntl module, and EFFECTIVE indicates whether to use effective (true) or
real (false) ids. The method interprets the "mode", "uid" and "gid" fields, and returns whether or not the current process would be allowed
the specified access.
If you don't want to use the objects, you may import the "->cando" method into your namespace as a regular function called "stat_cando".
This takes an arrayref containing the return values of "stat" or "lstat" as its first argument, and interprets it for you.
You may also import all the structure fields directly into your namespace as regular variables using the :FIELDS import tag. (Note that
this still overrides your stat() and lstat() functions.) Access these fields as variables named with a preceding "st_" in front their
method names. Thus, "$stat_obj->dev()" corresponds to $st_dev if you import the fields.
To access this functionality without the core overrides, pass the "use" an empty import list, and then access function functions with their
full qualified names. On the other hand, the built-ins are still available via the "CORE::" pseudo-package.
BUGS
As of Perl 5.8.0 after using this module you cannot use the implicit $_ or the special filehandle "_" with stat() or lstat(), trying to do
so leads into strange errors. The workaround is for $_ to be explicit
my $stat_obj = stat $_;
and for "_" to explicitly populate the object using the unexported and undocumented populate() function with CORE::stat():
my $stat_obj = File::stat::populate(CORE::stat(_));
ERRORS
-%s is not implemented on a File::stat object
The filetest operators "-t", "-T" and "-B" are not implemented, as they require more information than just a stat buffer.
WARNINGS
These can all be disabled with
no warnings "File::stat";
File::stat ignores use filetest 'access'
You have tried to use one of the "-rwxRWX" filetests with "use filetest 'access'" in effect. "File::stat" will ignore the pragma, and
just use the information in the "mode" member as usual.
File::stat ignores VMS ACLs
VMS systems have a permissions structure that cannot be completely represented in a stat buffer, and unlike on other systems the
builtin filetest operators respect this. The "File::stat" overloads, however, do not, since the information required is not available.
NOTE
While this class is currently implemented using the Class::Struct module to build a struct-like class, you shouldn't rely upon this.
AUTHOR
Tom Christiansen
perl v5.16.3 2013-03-04 File::stat(3pm)