开发者

Ruby on Rails- how to run a bash script as root?

开发者 https://www.devze.com 2022-12-09 13:44 出处:网络
What I\'m wanting to do is use \'button_to\' & friends to start different scripts on a linux server. Not all scripts will need to be root, but some will, since they\'ll be running \"apt-get dist-u

What I'm wanting to do is use 'button_to' & friends to start different scripts on a linux server. Not all scripts will need to be root, but some will, since they'll be running "apt-get dist-upgrade" and such.

The PassengerDefaultUser is set to www-data in apache2.conf

I have already tried running scripts from the controller that do little things like writing to text files, etc, just so that I know that I am having Rails execute the script correctly. (in other开发者_StackOverflow中文版 words, I know how to run a script from the controller) But I cannot figure out how to run a script that requires root access. Can anyone give me a lead?

A note on security: Thanks for all the warnings against hacking that were given. You don't need to loose any sleep, though, because A) the webapp is not accessible from the public internet, it will only be on private intranets, B) the app is password protected, and C) because the user will not be able to supply custom input, only make selections from a form that will be passed as variables to the script. However, because I say this does not mean that I am disregarding your recommendations for security- I will be considering them very carefully in my design.


You should be using the setuid bit to achieve the same functionality without sudo. But you shouldn't be running Bash scripts. Setuid is much more secure than sudo. Using either sudo or setuid, you are running a program as root. But only setuid (with the help of certain languages) offers some added security measures.

Essentially you'll be using scripts that are temporarily allowed to run as a the owner, instead of the user that invoked them. Ruby and Perl can detect when a script is run as a different user than the caller and enforces security measures to protect against unsafe calls. This is called Taint mode. Bash does not run in taint mode at all.

Taint mode essentially works by declaring all input from an outside source unsafe for use when passed to a system call.

Setting it up:

Use chmod to set permissions on the script you want to run as 4755 and set it's owner to root:

$ chmod 4755 script.rb
$ chown root script.rb

Then just run the script as you normally would. The setuid bit kicks in and runs the script as if it was run by root. This is the safest way to temporarily elevate privileges.

See Ruby's documentation on safe levels and taint to understand Ruby's sanitation requirements to protect against tainted input causing harm. Or the perlsec faq to learn the how the same thing is done in Perl.

Again. If you're dead set on running scripts as root from an automated system. Do Not Use Bash! Use Ruby or Perl instead of Bash. Taint mode forces you to take security seriously and can avoid many unnecessary problems down the line.

0

精彩评论

暂无评论...
验证码 换一张
取 消