perl scripting advice?
Results 1 to 4 of 4

Thread: perl scripting advice?

  1. #1
    Senior Member roswell1329's Avatar
    Join Date
    Jan 2002
    Posts
    670

    perl scripting advice?

    I do a lot of PERL scripting for a small company to do various sysadmin tasks on the LP subsystem of several HP-UX systems. I'd like to think my code is fairly bulletproof, but I'm not a perl expert yet, and these scripts are usually running as 'lp' or 'root'. (an unfortunate necessity for much of the LP subsystem). Can anyone give me a few scripting tips I can follow so I'm not opening up a buffer overflow hole or some other exploit?
    /* You are not expected to understand this. */

  2. #2
    AO Antique pwaring's Avatar
    Join Date
    Aug 2001
    Posts
    1,409
    Start all your scripts with the following code:

    #!/usr/bin/perl -wT

    use strict;

    This will force warnings, taint checking and strict variable assignments to ensure that data doesn't come from unauthorised external sources, all variables are declared/assigned properly etc.

    Buffer overflows tend to occur with C programs, although there's nothing wrong with being paranoid. Can you not create a separate group/user to run the scripts instead of root (nobody is a choice many people use)?
    Paul Waring - Web site design and development.

  3. #3
    Senior Member
    Join Date
    Oct 2001
    Posts
    638
    OpenBSD - The proactively secure operating system.

  4. #4
    Senior Member roswell1329's Avatar
    Join Date
    Jan 2002
    Posts
    670
    Nice site, smirc! Thanks!

    pwaring -- I CAN run the scripts under a different name, but to access some of the commands in the lp sub-system, I will have to become 'lp' or 'root' at some time. Multiple print job cancels, for example, cannot be done by an ordinary user. Must be done by 'lp'.

    Anyone with 'lp' access, however, can wreak some serious havoc with business-critical output.
    /* You are not expected to understand this. */

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides