NAME

Acme::Abuse - Perl extension for setid modules

SYNOPSIS

WARNING! WARNING! WARNING!

This module B<HAS NOT> been security audited by anyone competent to
do so. If you use it, you assume all responsibility for ensuring it
meets your security requirements.

WARNING! WARNING! WARNING!

use Acme::Abuse;
abuse Abused;

# Abused.pm (should be executable and setid)

#!/usr/bin/perl

use strict;
use warnings;

use Acme::Abuse VICTIM => 'FLYWEIGHT';

DESCRIPTION

This module arose out of a comment on clpmisc that it would be useful to have a way of 'abusing' a module which would invoke a new setid perl interpreter and pass all calls to the given module to that.

use Acme::Abuse installs a code filter which causes abuse Abused to load Abused.pm setid, if it is compatible, and arrange for all calls to functions in Abused:: to be passed to this setid perl.

Modules which wish to be abused must declare this with use Acme::Abuse 'VICTIM'. They should also have a #! line, and be executable and appropriately setid. The use Acme::Abuse line should come right after the #! line, an appropriate package statement, possibly use strict; use warnings; and any <use lib> needed to find Acme::Abuse.

The abused module file will actually execd, and passed a pair of pipes to communicate with the parent process through. When a sub in the abused package is invoked, the sub's name, arguments and context are frozen with Storable and passed to the child. The child then invokes the appropriate sub, freezes the results and passes them back.

This means that anything which cannot be successfully frozen, such a filehandles, cannot be passed or returned. Closures can be used iff both processes set $Storable::Eval to true: note that this is probably hideously insecure. As a partial workaround for this, OO modules can pass 'FLYWEIGHT' on their use Acme::Abuse line: this will cause all all objects derived from your class to only exist in the setid interpreter. Acme::Abuse::Obj objects will be passed back instead, and these will be translated back into the real objects when they are used as sub arguments.

BUGS

I assume that the abused module defines exactly one package, and also that the import method does nothing cleverer than importing some subs into the caller's namespace. Anything more than this will break.

The setid process is a completely separate interpreter, so any modules or pragmas used in the parent process will not affect it.

This module is almost certainly not portable away from Unix; although the pass-frozen-stuff-through-pipes idea is pretty general, so if you can find a way to make your module file executable as a perl program with enhanced priviledges you may be able to use it.

The test suite is pitifully incomplete.

There are almost certainly serious bugs lurking somewhere in code this funky :).

AUTHOR

Ben Morrow <Acme-Abuse@morrow.me.uk>

COPYRIGHT AND LICENSE

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.2 or, at your option, any later version of Perl 5 you may have available.

To install Acme::Abuse, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Acme::Abuse

CPAN shell

perl -MCPAN -e shell
install Acme::Abuse

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)