Date: Tue, 3 Jun 1997 11:31:31 -0600 (MDT) From: gnat@frii.com To: Matthias Buelow <token@wicx50.informatik.uni-wuerzburg.de> Cc: ghelmer@cs.iastate.edu (Guy Helmer), freebsd-security@FreeBSD.ORG Subject: Re: Security problem with FreeBSD 2.2.1 default installation Message-ID: <199706031731.LAA02257@elara.frii.com> In-Reply-To: <199706031651.SAA24768@wicx20.informatik.uni-wuerzburg.de> References: <Pine.HPP.3.96.970603103342.16150G-100000@sunfire.cs.iastate.edu> <199706031651.SAA24768@wicx20.informatik.uni-wuerzburg.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Matthias Buelow writes: > routine for me to chmod 0 sperl/setuidperl etc. My standard installation process is now to: - build and install perl5.004 with a suidperl into /usr/local - make sure /usr/bin and /usr/local have perl and perl5 hard- linked to /usr/local/bin/perl5.004 - make sure /usr/bin/ and /usr/local/bin/ have perl4 being the perl4 that came with the system - make sure 5.004 suidperl is hardlinked between /usr/local/bin and /usr/bin - delete any *perl* crap that came with the system (curseperl and taintperl and sperl and any other oddities I stumble across in /usr/bin/) I have a question: because 2.2 and 2.1 seem to have /dev/fd/n where n is a file descriptor number, does this mean that FreeBSD doesn't need a suidperl because setuid scripts are now safe in the kernel? Nat
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199706031731.LAA02257>