You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1.4 KiB
1.4 KiB
Perl Necklace, v0.3
by Jonathan Leto <jonathan@leto.net>
--
Read INSTALL for installation instructions
Background:
I love perl, but I don't love that it doesn't have many sitewide security
features builtin. So I wrote Perl Necklace, to scratch an itch, and to let me
sleep a bit better knowing that I have one more weapon in my anti-script-kiddie arsenal.
How it works:
The chroot feature doesn't chroot perl, it justs chroots the script that is
running. So the only thing that need to exist in the chrooted environment is
the /usr/lib/perl5 directory (where all the modules are installed). You may also
want a /dev/log in there to use syslogd.
If FIX_PWD is set, and you have created symlinks so that the new path
in the chrooted evironment is the same as the old one, then scripts can continue
to use relative paths when open/manipulating files. If you don't set FIX_PWD, all
scripts that use relative paths will brake because when chrooting, you must chdir
to the new root directory.
Fiddle with the config.h, it is easy.
Note:
Keep a backup of your old perl, like /usr/bin/realperl or something. Don't
say I didn't warn you.
Requirements:
Perl 5.005
Enhancements:
If you have a patch/bugfix/suggestion, email me, I want to make Perl Necklace
as versatile as possible.
Tested Environments:
Redhat Linux 6.2 2.2.14 x86 , perl 5.005_03
FreeBSD 3.4-RELEASE x86 , perl 5.005_03
OpenBSD 2.6 x86, 5.005_03
Doesn't work on:
IRIX 6.5 ( missing headers )