Date: Fri, 23 Aug 2002 10:51:40 +1000 From: Tim Robbins <tjr@freebsd.org> To: Mark Murray <mark@grondar.za> Cc: cvs-all@freebsd.org, cvs-committers@freebsd.org Subject: Re: cvs commit: src/usr.bin/perl pathnames.h perl.c Message-ID: <20020823105140.A24997@dilbert.robbins.dropbear.id.au> In-Reply-To: <200208221039.g7MAduQg056353@grimreaper.grondar.org>; from mark@grondar.za on Thu, Aug 22, 2002 at 11:39:56AM %2B0100 References: <20020822112151.A17650@uriah.heep.sax.de> <200208221039.g7MAduQg056353@grimreaper.grondar.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Aug 22, 2002 at 11:39:56AM +0100, Mark Murray wrote: > > Anyway, upon seeing the current /usr/bin/perl, i thought it to > > be a Good Idea. Since virtually all Unix-like operating systems > > these days (with FreeBSD being the exception now) ship Perl as > > /usr/bin/perl, it makes the script well portable to have a > > redirector there. We've got so many other redirectors (MTA, > > binutils -> ELF/COFF etc.), why not keep /usr/bin/perl as well? > > My (not very strong) objection to this is that it is too specific. It's way too specific, difficult to get right when perl isn't in the PATH or when PATH is untrusted and `tricks' some programs into thinking perl is installed when it is not (editors/vim port, for example). I think the perl wrapper should be treated as if it were suid, and more attention paid to its security and correctness. Using strcmp() to check whether two pathnames refer to the same file, for example, is not very careful, and leads to infinite execve() loops when files have multiple links. Tim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020823105140.A24997>