Date: Tue, 3 Jun 1997 23:22:34 -0400 (EDT) From: Adam Shostack <adam@homeport.org> To: gnat@frii.com Cc: freebsd-security@FreeBSD.ORG Subject: Re: Security problem with FreeBSD 2.2.1 default installation Message-ID: <199706040322.XAA27060@homeport.org> In-Reply-To: <199706031731.LAA02257@elara.frii.com> from "gnat@frii.com" at "Jun 3, 97 11:31:31 am"
next in thread | previous in thread | raw e-mail | index | archive | help
gnat@frii.com wrote: | My standard installation process is now to: | | - build and install perl5.004 with a suidperl into /usr/local Why install setuid perl by default? (My personal feeling is that perl, while wonderful, is too big to be trustworthy. Use a C wrapper to strip the environment, and call the perl script with a "checked against the ok" list of arguments.) Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199706040322.XAA27060>