From owner-freebsd-hackers Fri May 26 19:23:01 1995
Return-Path: hackers-owner
Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id TAA08444 for hackers-outgoing; Fri, 26 May 1995 19:23:01 -0700
Received: from alpha.xerox.com (alpha.Xerox.COM [13.1.64.93]) by freefall.cdrom.com (8.6.10/8.6.6) with SMTP id TAA08438 for ; Fri, 26 May 1995 19:22:56 -0700
Received: from gratiano.parc.xerox.com ([13.2.116.55]) by alpha.xerox.com with SMTP id <14542(2)>; Fri, 26 May 1995 19:22:20 PDT
Received: by gratiano.parc.xerox.com id <177863>; Fri, 26 May 1995 19:22:13 -0700
From: Bill Fenner
To: gpalmer@westhill.cdrom.com, mmead@glock.com
Subject: Re: Setuid perl scripts
Cc: hackers@FreeBSD.org
Message-Id: <95May26.192213pdt.177863@gratiano.parc.xerox.com>
Date: Fri, 26 May 1995 19:22:11 PDT
Sender: hackers-owner@FreeBSD.org
Precedence: bulk

Gary Palmer writes:
>In message <199505262153.RAA17029@Glock.COM>, "matthew c. mead" writes:
>> Anyone know why setuid perl scripts don't work with /usr/bin/perl?
>>Thanks!
>
>Because when perl detects it's being run set[ug]id, it moves to
>working with `taintperl' which does a bit more security checking (or
>something) to prevent security holes opening up inadvertently.

From my meager reading of the code, /usr/bin/perl tries to exec
/usr/bin/tperl4/136 when it decides that it is being run setuid.
Normally it would exec /usr/bin/tperl4.036 but the perl import broke
its idea of how to build its version number. In any case, neither of
these files exist so it will say something like "Can't run setuid
script with taint checks".

  Bill
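
A diagnostic for the failure described in this thread, as an added example that is not part of the original message or of perl itself: it reports whether a script is set[ug]id and whether any candidate taint-checking interpreter is actually present. The function name, return-code convention and demo files are assumptions; for the case in the message the candidates would be /usr/bin/tperl4/136 and /usr/bin/tperl4.036.

```shell
#!/bin/sh
# Added diagnostic, not from the original message.
# Return codes (convention assumed for this example):
#   0  script is not set[ug]id, so plain perl runs it
#   1  script is set[ug]id and a taint-checking interpreter is present
#   2  script is set[ug]id but none of the candidate interpreters exists
#   3  script not found
check_setuid_script() {
    script=$1; shift
    [ -f "$script" ] || { echo "$script: no such file" >&2; return 3; }
    # -u tests the set-user-ID bit, -g the set-group-ID bit
    if [ ! -u "$script" ] && [ ! -g "$script" ]; then
        echo "$script: not set[ug]id"
        return 0
    fi
    # Remaining arguments are candidate taint interpreters, tried in order
    for interp in "$@"; do
        if [ -x "$interp" ]; then
            echo "$script: set[ug]id, taint interpreter found: $interp"
            return 1
        fi
    done
    echo "$script: set[ug]id, but none of these exist: $*"
    return 2
}

# Demo on constructed files in a scratch directory
demo() {
    d=$(mktemp -d) || return 1
    printf '#!/usr/bin/perl\nprint "hi\\n";\n' > "$d/plain.pl"
    cp "$d/plain.pl" "$d/suid.pl"
    chmod 4755 "$d/suid.pl"
    check_setuid_script "$d/plain.pl" "$d/tperl4/136" "$d/tperl4.036"
    echo "rc=$?"
    # Neither candidate exists, mirroring the situation in the message
    check_setuid_script "$d/suid.pl" "$d/tperl4/136" "$d/tperl4.036"
    echo "rc=$?"
    rm -rf "$d"
}
demo
```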