[Bug 3586] [review] perl setuid fails, breaking spamd in FreeBSD, MacOS X

17 Jul 2004 04:43:17 -0000 

http://bugzilla.spamassassin.org/show_bug.cgi?id=3586





------- Additional Comments From [EMAIL PROTECTED]  2004-07-16 21:43 -------
Subject: Re:  [review] perl setuid fails, breaking spamd in FreeBSD, MacOS X

On Fri, Jul 16, 2004 at 08:33:35PM -0700, [EMAIL PROTECTED] wrote:
> Yes.  What do you want me to do...

Ok, so first, we should do the gid first, then the uid.  I believe we
do it this way now.

Second, the question at the moment is: Do the platforms that have the
UID issue have the same issue with GID?  If we're still root, as long
as setgid is allowed, it shouldn't matter what the order is.

I think these commands, run as root, will tell us:
perl -e 'sub p {print "RGID: $(, EGID: $)\n";} p; $) = "1000 1000"; $( = 1000; 
p;'
perl -e 'sub p {print "RGID: $(, EGID: $)\n";} p; $( = 1000; $) = "1000 1000"; 
p;'
perl -e 'sub p {print "RGID: $(, EGID: $)\n";} p; $) = "1000 1000"; p; $) = $(; 
p; $( = 1000; $) = "1000 1000"; p;'

The first is the way we do it now.  The second is just reversing the
order of setting.  The third mimics the patch for uid.

The output of both $( and $) are multiple numbers, annoyingly.  The first
number is what really matters though.


Mac OS X: Will not setuid nor setgid.  seteuid and setegid work ok.

# perl -e 'sub p {print "RGID: $(, EGID: $)\n";} p; $) = "1000 1000"; $( = 
1000; p;'
RGID: 0 80 31 20 5 4 3 2 1 0, EGID: 0 80 31 20 5 4 3 2 1 0
RGID: 0 1000, EGID: 1000 1000
# perl -e 'sub p {print "RGID: $(, EGID: $)\n";} p; $( = 1000; $) = "1000 
1000"; p;'
RGID: 0 80 31 20 5 4 3 2 1 0, EGID: 0 80 31 20 5 4 3 2 1 0
RGID: 0 1000, EGID: 1000 1000
perl -e 'sub p {print "RGID: $(, EGID: $)\n";} p; $) = "1000 1000"; p; $) = $(; 
p; $( = 1000;
$) = "1000 1000"; p;'
RGID: 0 80 31 20 5 4 3 2 1 0, EGID: 0 80 31 20 5 4 3 2 1 0
RGID: 0 1000, EGID: 1000 1000
RGID: 0 0, EGID: 0 0
RGID: 0 1000, EGID: 1000 1000



Linux, just for comparison:

# perl -e 'sub p {print "RGID: $(, EGID: $)\n";} p; $) = "1000 1000"; $( = 
1000; p;'
RGID: 0 100 10 6 4 3 2 1 0, EGID: 0 100 10 6 4 3 2 1 0
RGID: 1000 1000, EGID: 1000 1000
# perl -e 'sub p {print "RGID: $(, EGID: $)\n";} p; $( = 1000; $) = "1000 
1000"; p;'
RGID: 0 100 10 6 4 3 2 1 0, EGID: 0 100 10 6 4 3 2 1 0
RGID: 1000 1000, EGID: 1000 1000
# perl -e 'sub p {print "RGID: $(, EGID: $)\n";} p; $) = "1000 1000"; p; $) = 
$(; p; $( = 1000;
$) = "1000 1000"; p;'
RGID: 0 100 10 6 4 3 2 1 0, EGID: 0 100 10 6 4 3 2 1 0
RGID: 0 1000, EGID: 1000 1000
RGID: 0 1000, EGID: 0 1000
RGID: 1000 1000, EGID: 1000 1000





------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

Reply via email to