Date: Fri, 26 May 1995 19:22:11 PDT From: Bill Fenner <fenner@parc.xerox.com> To: gpalmer@westhill.cdrom.com, mmead@glock.com Cc: hackers@FreeBSD.org Subject: Re: Setuid perl scripts Message-ID: <95May26.192213pdt.177863@gratiano.parc.xerox.com>
next in thread | raw e-mail | index | archive | help
Gary Palmer <gpalmer@westhill.cdrom.com> writes: >In message <199505262153.RAA17029@Glock.COM>, "matthew c. mead" writes: >> Anyone know why setuid perl scripts don't work with /usr/bin/perl? >>Thanks! > >Because when perl detects it's being run set[ug]id, it moves to >working with `taintperl' which does a bit more security checking (or >something) to prevent security holes opening up inadvertantly. >From my meager reading of the code, /usr/bin/perl tries to exec /usr/bin/tperl4/136 when it decides that it is being run setuid. Normally it would exec /usr/bin/tperl4.036 but the perl import broke its idea of how to build its version number. In any case, neither of these files exist so it will say something like "Can't run setuid script with taint checks" . Bill
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?95May26.192213pdt.177863>