From owner-cvs-all Fri Aug 11 13:21:32 2000 Delivered-To: cvs-all@freebsd.org Received: from sivka.rdy.com (sivka.rdy.com [207.33.166.86]) by hub.freebsd.org (Postfix) with ESMTP id 510B637BB0A; Fri, 11 Aug 2000 13:21:17 -0700 (PDT) (envelope-from dima@sivka.rdy.com) Received: (from dima@localhost) by sivka.rdy.com (8.9.3/8.9.3) id NAA18859; Fri, 11 Aug 2000 13:20:15 -0700 (PDT) (envelope-from dima) Message-Id: <200008112020.NAA18859@sivka.rdy.com> Subject: Re: cvs commit: src/gnu/usr.bin/perl Makefile In-Reply-To: <20000811144136.A12290@netmonger.net> "from Christopher Masto at Aug 11, 2000 02:41:48 pm" To: Christopher Masto Date: Fri, 11 Aug 2000 13:20:15 -0700 (PDT) Cc: "Chris D. Faulhaber" , Warner Losh , cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Organization: HackerDome Reply-To: dima@rdy.com From: dima@rdy.com (Dima Ruban) X-Mailer: ELM [version 2.4ME+ PL77 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Christopher Masto writes: > On Fri, Aug 11, 2000 at 02:29:37PM -0400, Chris D. Faulhaber wrote: > > > > Don't build suidperl by default. Make users specifically enable its > > > > building. > > > > > > Umm.. isn't that a bit of a radical change? Any reason for it? > > > > Any reason against it? Given the security hole found under Linux and > > potential problems of Yet Another Suid Binary, it seems a good > > idea. Also, see the recent discussions on FreeBSD-security. > > The reason against it is that it's a standard part of Perl, and a very > useful one. Without it, those who install from binary, or don't know > to set this option, will not be able to run setuid Perl programs. > Since Perl has some features specifically designed to aid in writing > secure setuid programs, removing suidperl could actually cause a > revenge effect and end up resulting in _more_ security holes. How do you see that resulting in _more_ security holes? If /usr/bin/suidperl doesn't exist and some program referes to it, it will give you "command not found" (or similar) message. > This was a strange interaction bug in a program which is very well > inspected, has a good security reputation, was fixed very quickly, and As Warner pointed out, this was a second problem with suidperl for the last 3 (or maybe 2) years. Generally it's more than enough to seriousely think about nuking it from the default installation. > didn't even apply to FreeBSD. It seems a big of an overreaction to > disable suidperl because of it. I don't think we overreacted. > As Warner said on freebsd-security, if you're paranoid, you can just > delete suidperl yourself. > > If this change is not backed out, I think it is important to at least I do not believe it will be backed out. > come up with an easy way to get suidperl without building from source. > We should not force this limitation on casual users. > -- > Christopher Masto Senior Network Monkey NetMonger Communications > chris@netmonger.net info@netmonger.net http://www.netmonger.net > > Free yourself, free your machine, free the daemon -- http://www.freebsd.org/ > -- dima To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message