
Acme::Abuse
Perl extension for setid modules



NAME

Acme::Abuse - Perl extension for setid modules


SYNOPSIS

WARNING! WARNING! WARNING!

  This module HAS NOT been security audited by anyone competent to
  do so. If you use it, you assume all responsibility for ensuring it
  meets your security requirements.

WARNING! WARNING! WARNING!

  use Acme::Abuse;
  abuse Abused;

  # Abused.pm (should be executable and setid)
  #!/usr/bin/perl

  use strict;
  use warnings;
  use Acme::Abuse VICTIM => 'FLYWEIGHT';

DESCRIPTION

This module arose out of a comment on clpmisc that it would be useful to have a way of 'abusing' a module which would invoke a new setid perl interpreter and pass all calls to the given module to that.

use Acme::Abuse installs a code filter which causes abuse Abused to load Abused.pm setid, if it is compatible, and arrange for all calls to functions in Abused:: to be passed to this setid perl.

Modules which wish to be abused must declare this with use Acme::Abuse 'VICTIM'. They should also have a #! line, and be executable and appropriately setid. The use Acme::Abuse line should come right after the #! line, an appropriate package statement, possibly use strict; use warnings; and any use lib needed to find Acme::Abuse.

The abused module file will actually be exec'd, and passed a pair of pipes through which to communicate with the parent process. When a sub in the abused package is invoked, the sub's name, arguments and context are frozen with Storable and passed to the child. The child then invokes the appropriate sub, freezes the results and passes them back.

This means that anything which cannot be successfully frozen, such as filehandles, cannot be passed or returned. Closures can be used iff both processes set $Storable::Eval to true: note that this is probably hideously insecure. As a partial workaround for this, OO modules can pass 'FLYWEIGHT' on their use Acme::Abuse line: this will cause all objects derived from your class to exist only in the setid interpreter. Acme::Abuse::Obj objects will be passed back instead, and these will be translated back into the real objects when they are used as sub arguments.
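
The frozen-call mechanism described above, as an added example that is not Acme::Abuse's own code: a forked child stands in for the setid interpreter, and the names call_remote, send_msg, recv_msg, %EXPORTED and the length-prefixed framing are assumptions of this example. The child dispatches only to an explicit list of subs and leaves $Storable::Eval false, and the last loop shows Storable refusing a filehandle and a code ref before anything is written to the pipe.

```perl
use strict; use warnings;
use Storable qw(freeze thaw);

# Hypothetical allowlist: the only subs the privileged side will run.
my %EXPORTED = (
    add    => sub { my $t = 0; $t += $_ for @_; $t },
    fields => sub { split /,/, $_[0] },
);
sub send_msg {                          # length-prefixed frozen message
    my ($fh, $data) = @_;
    my $blob = freeze($data);           # croaks on filehandles and code refs
    syswrite $fh, pack('N', length $blob) . $blob;
}
sub recv_msg {
    my ($fh) = @_;
    (read($fh, my $len, 4) // 0) == 4 or return;
    read($fh, my $blob, unpack('N', $len)) or return;
    return thaw($blob);
}

pipe(my $req_r, my $req_w) && pipe(my $res_r, my $res_w) or die "pipe: $!";
defined(my $pid = fork) or die "fork: $!";
if ($pid == 0) {                        # child: stands in for the setid perl
    close $req_w; close $res_r;
    local $Storable::Eval = 0;          # never eval code sent by the caller
    while (my $call = recv_msg($req_r)) {
        my ($name, $list_ctx, @args) = @$call;
        my $sub = $EXPORTED{$name};
        my @ret = !$sub     ? (undef, "no such sub: $name")
                : $list_ctx ? [ $sub->(@args) ] : [ scalar $sub->(@args) ];
        send_msg($res_w, \@ret);
    }
    exit 0;
}
close $req_r; close $res_w;

sub call_remote {                       # parent-side stub for any abused sub
    my ($name, @args) = @_;
    send_msg($req_w, [ $name, wantarray ? 1 : 0, @args ]);
    my ($ret, $err) = @{ recv_msg($res_r) };
    die "$err\n" if $err;
    return wantarray ? @$ret : $ret->[0];
}
my @fields = call_remote('fields', 'a,b,c');   # list context crosses the pipe
my $count  = call_remote('fields', 'a,b,c');   # scalar context does too
print "sum=", scalar call_remote('add', 1, 2, 3), " fields=@fields count=$count\n";
for my $bad (\*STDOUT, sub { 1 }) {            # unfreezable arguments
    eval { call_remote('add', $bad); 1 } or print "refused: $@";
}
close $req_w; waitpid $pid, 0;
```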


BUGS

I assume that the abused module defines exactly one package, and also that the import method does nothing cleverer than importing some subs into the caller's namespace. Anything more than this will break.

The setid process is a completely separate interpreter, so any modules or pragmas used in the parent process will not affect it.

This module is almost certainly not portable away from Unix, although the pass-frozen-stuff-through-pipes idea is pretty general, so if you can find a way to make your module file executable as a perl program with enhanced privileges you may be able to use it.

The test suite is pitifully incomplete.

There are almost certainly serious bugs lurking somewhere in code this funky :).


SEE ALSO

perlfunc/use, Filter::Simple, Storable


AUTHOR

Ben Morrow <Acme-Abuse@morrow.me.uk>


COPYRIGHT AND LICENSE

Copyright (C) 2003 by Ben Morrow

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.2 or, at your option, any later version of Perl 5 you may have available.
