Date: 6 Nov 1997 20:37:41 GMT From: chris@netmonger.net (Christopher Masto) To: freebsd-questions@freebsd.org Subject: Secure setuid scripts Message-ID: <63t9ql$loi$2@schenectady.netmonger.net>
next in thread | raw e-mail | index | archive | help
Ok, this may actually be a stupid question, but here it is. I'm a very big fan of Perl and I tend to install it a lot. Every time, I get to this Configure question: Some kernels have a bug that prevents setuid #! scripts from being secure. Some sites have disabled setuid #! scripts because of this. First let's decide if your kernel supports secure setuid #! scripts. (If setuid #! scripts would be secure but have been disabled anyway, don't say that they are secure if asked.) If you are not sure if they are secure, I can check but I'll need a username and password different from the one you are using right now. If you don't have such a username or don't want me to test, simply enter 'none'. Other username to test security of setuid scripts with? [none] demo "su" will (probably) prompt you for demo's password. Password: I don't think setuid scripts are secure. Does your kernel have *secure* setuid scripts? [n] I'm never quite sure what to answer here. I tend to say "n" and enable setuid emulation, but I'd rather be a bit more clued-in. I seem to recall that I actually understood more of this at one point and it had something to do with a race condition and passing a file number and something about the fix involving /dev/fd/*. Is this fixed in FreeBSD? (-STABLE, -CURRENT, or -ANYWHERE?) If not, is there a reason? Thanks. -- = Christopher Masto = chris@netmonger.net = http://www.netmonger.net/ = = NetMonger Communications = finger for PGP key = $19.95/mo unlimited access = = Director of Operations = (516) 221-6664 = mailto:info@netmonger.net =
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?63t9ql$loi$2>