Date: Thu, 4 Dec 1997 23:03:46 -0500 (EST) From: Dan Jacobowitz <drow@chwest.org> To: freebsd-stable@freebsd.org Subject: Perl and setuid scripts Message-ID: <Pine.BSF.3.96.971204225822.5435A-100000@mars.wexpress.com>
next in thread | raw e-mail | index | archive | help
In the perl documentation it constantly refers to how certain BSDs set shell scripts to non-suid due to insecurity. Having browsed the relevant (I think) portions of kern_exec.c and imgact_shell.c, I do not think FreeBSD is one of them. Right? That would go along with the fact that perl is apparently built without the suid emulation (-DDOSUID). BUT - as soon as I made world, overwriting my former perl - first a 4.0 which came with FreeBSD 2.2.2 however that was compiled, and then a 5.004 built with -DDOSUID against the advice of the Configure program's freebsd default - with the2.2.5 copy of 4.0 built without -DDOSUID, suid perl scripts completely stopped working. What the heck am I missing here? The script is definitely NOT being run setuid ($< == $> == my-real-id-not-the-scripts-suid). Is something broken, or am I just blind and confused?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.971204225822.5435A-100000>