Syndicate content

Insecure $ENV{PATH} ...

Today, I was trying to run psql from a program when I got this error:

  Insecure $ENV{PATH} while running setuid at ...

At first, I thought that psql would be testing something about the user, but in fact, psql is a perl script that runs in secure mode. In other words, this applies to any tool written in perl.

The perl interpreter makes sure that the current user identifier is the same as the effective user identifier. When there is a mismatch, the interpreter breaks with that error.

In my case, my program is written in C and I could simply force the current user identifier to make everything work as expected:

    unix_uid = geteuid();
    setresuid(unix_uid, unix_uid, unix_uid);

That code gets the current effective user identifier and sets it in all the possible user identifiers available on Linux.

On an older operating system, you may need to use setuid() and some other similar functions.

After I added that call, the error disappeared.

More information about the secure version of the perl interpreter.

Syndicate content

     

Terms of Site Index

Find the page/content you are looking for with our index.