Perlbot/perlbuut
1
0
Fork 0
mirror of https://github.com/perlbot/perlbuut synced 2025-06-07 22:15:45 -04:00
Code Issues Releases Wiki Activity

No longer use root, instead use cap_sys_chroot on perl

Browse source
This commit is contained in:
Ryan Voots 2016-10-21 16:04:48 -04:00
parent a0b16eb284
commit a0de17ba45
1 changed files with 10 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
lib/eval.pl
View file

@ -210,11 +210,11 @@ use Storable qw/nfreeze/; nfreeze([]); #Preload Nfreeze since it's loaded on dem
# that chroot will prevent, so do it here. # that chroot will prevent, so do it here.
setrlimit(RLIMIT_CPU, 10,10); setrlimit(RLIMIT_CPU, 10,10);
# Root Check # # Root Check
if( $< != 0 ) # if( $< != 0 )
{ # {
die "Not root, can't chroot or take other precautions, dying\n"; # die "Not root, can't chroot or take other precautions, dying\n";
} # }
# The chroot section # The chroot section
chdir($FindBin::Bin."/../jail") or die "Jail not made, see bin/makejail.sh"; chdir($FindBin::Bin."/../jail") or die "Jail not made, see bin/makejail.sh";
@ -224,11 +224,11 @@ use Storable qw/nfreeze/; nfreeze([]); #Preload Nfreeze since it's loaded on dem
chroot(".") or die $!; chroot(".") or die $!;
# Here's where we actually drop our root privilege # # Here's where we actually drop our root privilege
$)="$nobody_uid $nobody_uid"; # $)="$nobody_uid $nobody_uid";
$(=$nobody_uid; # $(=$nobody_uid;
$<=$>=$nobody_uid; # $<=$>=$nobody_uid;
POSIX::setgid($nobody_uid); #We just assume the uid is the same as the gid. Hot. # POSIX::setgid($nobody_uid); #We just assume the uid is the same as the gid. Hot.
die "Failed to drop to nobody" die "Failed to drop to nobody"