If you want a perl script to run SUID you either patch the kernal to ignore the suid bit errors, or wrap it in some sort of C code. The risk comes from allowing user input to go to eval or system or some such. Do shells have some form of -T, like perl?
On Wed, 28 May 2003 09:34:48 -0400 - Matthew Carpenter <[EMAIL PROTECTED]> wrote > >I don't see that many security risks, if the script wasn't a script. The >script, by definition, uses a binary interpretter. As far as the OS is >concerned, that interpretter (the first line of the script has #!/bin/bash or >#!/usr/bin/perl etc....) would have to be SUID, not the script itself. It >#would be nice if SUID would work on scripts, but the mechanisms to do so >#would be more difficult than the value. If you want something SUID, you must >#use C or some other non-interpretted/VM'ed language. >_______________________________________________ >L _______________________________________________ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc -> http://www.linux-sxs.org/mailman/listinfo/linux-users
