问题
I am writing a perl cgi application. At some point of time this cgi application needs to run as root to access and write into a specific file. I would like to know how exactly I should go about doing this and the security precautions that I should take while doing it.
回答1:
You pretty much shouldn't.
If you can't avoid it, create a small and simple piece of code that runs with setuid root that does exactly that task and nothing more, or use sudo or similar to run a script that does just that.
Giving that file the appropriate permissions so that your web user can write to it (not necessarily read from it if that's not necessary) would be a better option.
回答2:
You must avoid doing that if you can at all times by all means.
If your program needs to write to the privileged file instantly, then go with Mat's reply. However, you can write the content somewhere else and run a cron job (say) every five minutes to copy the data.
来源:https://stackoverflow.com/questions/11733045/writing-a-perl-cgi-applications-which-runs-as-root