I recently needed to run a perl script with setuid bit set. This allows the script to run as the user the script’s file is owned by. In this case, I needed the script to run as root.
Since doing this can be very dangerous, Perl does something very nice by default: If you have the setuid bit set on the script, it forces the script to run in Taint Mode which helps to ensure proper sanitation of the environment and inputs. By doing this, Perl can help lock down possible attack vectors that can compromise the security of your script. This isn’t perfect however, so I do recommend that you read up on Perl’s security measures.
So now down to the main point of this post. I tried to run the script with the setuid bit set, and I got the following error message:
[user@server ~]$ run-script Can't do setuid (cannot exec sperl)
Well that certainly puts a damper on things. Fortunately, the solution is easy. There is simply an additional package that needs to be installed to provide the wrapper program that puts this Perl security in place.
For Debian (Ubuntu, Mint, etc as well), run the following:
[user@server ~]$ sudo apt-get install perl-suid
For CentOS, run the following:
[user@server ~]$ sudo yum install perl-suidperl