On Wed, Jan 18, 2006 at 09:46:47PM +0000, Alexey Toptygin wrote: > Now, the wierd thing is that perlsec(1), which tells us all these > wonderful things, implies that the suid script problem was fixed in recent > kernels by leaving the script open while execing the interpreter, and
Note that approximately once every eighteen months or so, a new problem is found which is more more icky if suidperl is around. (Sometimes it's a suidperl problem, most recently it was a buffer overflow in Perl, IIRC.) So although suidperl is now safe for small children and kittens to use, I still don't install it. > giving the interpreter /dev/fd/whatever as the script name, which is > smething I haven't been able to verify... on my Debian/testing box, suid > scripts are disabled, and the script name is not passed as /dev/fd/x, so > I'm a little confused as to what "fixed" systems perlsec(1) is referring > to (some BSD maybe?) Anyway, suidperl is part of the optional perl-suid > package, so its potential insecureness isn't installed by default. There's a lot of controversy as to whether or not OS $foo has secure suid shell scripts. Solaris 7 does, as far as Perl is concerned. (I know because I built it last week, and it said so.) The jury is out as to whether or not Linux is this week, and ditto for the BSDs. Ben -- Ben Stern UNIX & Networks Monkey [EMAIL PROTECTED] This post does not represent FTI, even if I claim it does. Neener neener. UM Linux Users' Group Electromagnetic Networks Microbrew Software
