On Fri, May 24, 2002 at 09:52:58AM -0600, Bob Proulx wrote:
> Note that whenever you make a script suid or sgid you are trading in
> your padlock for a breadtie. There are many well known trivial
> ways to fool a suid script into giving you a shell of the id it
> is set to.

I get the distinct impression, based on `perldoc perlsec`, that perl is smart enough to detect and circumvent the relevant vulnerabilities:

    on many versions of Unix, set-id scripts are inherently insecure
    right from the start. The problem is a race condition in the kernel.

    Fortunately, sometimes this kernel "feature" can be disabled.
    Unfortunately, there are two ways to disable it. The system can
    simply outlaw scripts with any set-id bit set, which doesn't help
    much. Alternately, it can simply ignore the set-id bits on scripts.
    If the latter is true, Perl can emulate the setuid and setgid
    mechanism when it notices the otherwise useless setuid/gid bits on
    Perl scripts. It does this via a special executable called suidperl
    that is automatically invoked for you if it's needed.

    However, if the kernel set-id script feature isn't disabled, Perl
    will complain loudly that your set-id script is insecure.

No disagreement with respect to s[ug]id shell scripts, though.

--
When we reduce our own liberties to stop terrorism, the terrorists have already won. - reverius

Innocence is no protection when governments go bad. - Tom Swiss
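
An audit for the set-id scripts discussed in this thread, added here as an example and not part of the original message: it walks a directory tree and reports regular files that carry a setuid or setgid bit and begin with `#!`, together with the interpreter they name. The function names and the default `/usr` root are assumptions of this example.

```python
#!/usr/bin/env python3
"""Audit a directory tree for set-id files that are interpreter scripts."""
import os
import stat
import sys


def setid_script_info(mode, head):
    """Return (bits, interpreter) if mode/head describe a set-id script, else None.

    mode -- st_mode from lstat(); head -- the first bytes of the file.
    """
    if not stat.S_ISREG(mode):
        return None
    bits = [name for flag, name in ((stat.S_ISUID, "setuid"), (stat.S_ISGID, "setgid"))
            if mode & flag]
    if not bits or not head.startswith(b"#!"):
        return None
    # The interpreter is the first word after "#!" on the first line.
    words = head[2:].split(b"\n", 1)[0].split()
    interpreter = words[0].decode("utf-8", "replace") if words else ""
    return "+".join(bits), interpreter


def scan(root):
    """Walk root and return sorted (path, bits, interpreter) for each set-id script."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                mode = os.lstat(path).st_mode
                if not (stat.S_ISREG(mode) and mode & (stat.S_ISUID | stat.S_ISGID)):
                    continue
                with open(path, "rb") as fh:
                    head = fh.read(256)
            except OSError:
                continue  # unreadable or vanished; a real audit would log this
            info = setid_script_info(mode, head)
            if info:
                findings.append((path, *info))
    return sorted(findings)


if __name__ == "__main__":
    for path, bits, interp in scan(sys.argv[1] if len(sys.argv) > 1 else "/usr"):
        print(f"{bits}\t{interp}\t{path}")
```

Set-id ELF binaries are skipped on purpose; only files whose first two bytes are `#!` are reported, since those are the ones the quoted perlsec text is about.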