On Sun, 31 Jan 1999, Chip Salzenberg wrote: > > The code exists to check the mount options relevant to an open file. > It's just a Small Matter of Programming to integrate that into the > Perl source code, and disable emultation of setuid scripts when the > 'nosuid' mount option is set.
But, then every interpreter should do this (by analogy with you point below). Well, not a perfect analogy. But every suid-emulating interpreted. (Aside: Why hasn't linus patched the kernel so that suid scripts are secure? It's an easy task, surely?) > > And as for 'noexec', well, it's not relevant to Perl anyway. (All you > have to do is run "perl scriptname" instead of just "./scriptname".) > Or do you suggest that every single language compiler/interpreter must > check mount options? Should Java .class files be unusable if they're > on a 'noexec' filesystem? I don't _think_ so. As it is, noexec is almost useless. I can't help thinking that *all* interpreters *should* check noexec status. However, they don't.. Jules /----------------+-------------------------------+---------------------\ | Jelibean aka | [EMAIL PROTECTED] | 6 Evelyn Rd | | Jules aka | [EMAIL PROTECTED] | Richmond, Surrey | | Julian Bean | [EMAIL PROTECTED] | TW9 2TF *UK* | +----------------+-------------------------------+---------------------+ | War doesn't demonstrate who's right... just who's left. | | When privacy is outlawed... only the outlaws have privacy. | \----------------------------------------------------------------------/
