From owner-freebsd-questions@FreeBSD.ORG  Tue Sep 26 01:03:33 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 11C0516A412
	for <freebsd-questions@freebsd.org>;
	Tue, 26 Sep 2006 01:03:33 +0000 (UTC) (envelope-from on@cs.ait.ac.th)
Received: from mail.cs.ait.ac.th (mail.cs.ait.ac.th [192.41.170.16])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 4B8BD43D5F
	for <freebsd-questions@freebsd.org>;
	Tue, 26 Sep 2006 01:03:31 +0000 (GMT) (envelope-from on@cs.ait.ac.th)
Received: from banyan.cs.ait.ac.th (banyan.cs.ait.ac.th [192.41.170.5])
	by mail.cs.ait.ac.th (8.13.1/8.12.11) with ESMTP id k8Q13GU9033705
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Tue, 26 Sep 2006 08:03:16 +0700 (ICT)
Received: (from on@localhost)
	by banyan.cs.ait.ac.th (8.13.3/8.12.11) id k8Q13Uig084976;
	Tue, 26 Sep 2006 08:03:30 +0700 (ICT)
Date: Tue, 26 Sep 2006 08:03:30 +0700 (ICT)
Message-Id: <200609260103.k8Q13Uig084976@banyan.cs.ait.ac.th>
From: Olivier Nicole <on@cs.ait.ac.th>
To: bcook@poklib.org
In-reply-to: <4517D1D0.3080703@poklib.org> (bcook@poklib.org)
References: <4517D1D0.3080703@poklib.org>
X-Virus-Scanned: on CSIM by amavisd-milter (http://www.amavis.org/)
Cc: freebsd-questions@freebsd.org
Subject: Re: When to use SUID Perl (5.8.x)?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Sep 2006 01:03:33 -0000

Hi, 

> Just wondering what do you need suid perl for?

To run a Perl script that needs to get root privileges.

> it is a security risk having it?

It is always a risk to have a powerfull tool installed when you don't
need it. If a security bug is discovered in Perl, one could be able to
become root without you wanting it.

> Is the risk that if the webserver/webserver-app gets comprimised the 
> user could use perl?

It depends on whatyou are running on your server.

If you don't need setuid perl, do not install it :))

Olivier