Date: Fri, 11 Aug 2000 14:20:36 -0700 From: Peter Wemm <peter@netplex.com.au> To: dima@rdy.com Cc: Warner Losh <imp@village.org>, Christopher Masto <chris@netmonger.net>, "Chris D. Faulhaber" <jedgar@fxp.org>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/gnu/usr.bin/perl Makefile Message-ID: <200008112120.OAA92642@netplex.com.au> In-Reply-To: <200008112106.OAA19283@sivka.rdy.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Dima Ruban wrote:
> Peter Wemm writes:
> > Warner Losh wrote:
> > > In message <200008111913.MAA91892@netplex.com.au> Peter Wemm writes:
> > > : > Side note: is there a way to create a port that builds part of the
> > > : > /usr/src tree in a different than default way?
> > > : >
> > > : > Warner
> > > :
> > > : Not easily. I would prefer that we built and instaled it, but made it
mode
> > > : 444 (unexecutable) or something and let the user chmod 6111 later if th
ey
> > > : want it. It is a lot easier to activate a binary than find or build it
.
> > >
> > > OK. Any preference between mode 444 and mode 0? Since it is hard to
> > > make a port to do this, I think that you may be right.
> >
> > Actually.. How does this sound:
>
> Sounds nice, but you'll need to handle it in make world, since the next make
> world will nuke it again with shell script. But the idea is nice.
Read what I wrote: only install the wrapper if there is nothing there...
> > cat /usr/bin/suidperl
> > #! /bin/sh
> > echo "suidperl is not installed by default. blah blah danger etc. try:"
> > echo "cp /usr/bin/suidperl.real /usr/bin/suidperl"
> > echo "chmod 6111 /usr/bin/suidperl"
> > exit 1
> >
> > and install suidperl as /usr/bin/suidperl.real with mode 444. Only install
> > the suidperl wrapper into /usr/bin if it is not already there. That
> > stops POLA by preventing blowing away a real /usr/bin/suidperl.
> >
> > If ENABLE_SUIDPERL is active, then unconditionally install suidperl in
> > /usr/bin/suidperl with the correct modes.
> >
> >
> > > Warner
> > >
> >
> > Cheers,
> > -Peter
> > --
> > Peter Wemm - peter@FreeBSD.org; peter@yahoo-inc.com; peter@netplex.com.au
> > "All of this is for nothing if we don't go to the stars" - JMS/B5
> >
> >
>
> -- dima
>
Cheers,
-Peter
--
Peter Wemm - peter@FreeBSD.org; peter@yahoo-inc.com; peter@netplex.com.au
"All of this is for nothing if we don't go to the stars" - JMS/B5
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200008112120.OAA92642>