Syndicate content

Insecure $ENV{PATH} ...

Today, I was trying to run psql from a program when I got this error:

  Insecure $ENV{PATH} while running setuid at ...

At first, I thought that psql would be testing something about the user, but in fact, psql is a perl script that runs in secure mode. In other words, this applies to any tool written in perl.

The perl interpreter makes sure that the current user identifier is the same as the effective user identifier. When there is a mismatch, the interpreter breaks with that error.

In my case, my program is written in C and I could simply force the current user identifier to make everything work as expected:

    unix_uid = geteuid();
    setresuid(unix_uid, unix_uid, unix_uid);

That code gets the current effective user identifier and sets it in all the possible user identifiers available on Linux.

On an older operating system, you may need to use setuid() and some other similar functions.

After I added that call, the error disappeared.

More information about the secure version of the perl interpreter.

Syndicate content

     

Terms of Site Index

Find the page/content you are looking for with our index.

  • deamon
  • lock

    A lock is used to limit the use of shared resources in different ways. When only using the data in read mode, the lock will prevent modifications, but any number of threads and processes can access the data. When in write mode, then only the owner can access the data.

  • space
  • Unix

    An Operating System that works. All the specifications are free and Linux, AIX, HP-UX, SunOS, Solaris, IRIX are examples of a Unix implementation.

  • Warthog