Date: Tue, 11 Mar 2003 10:39:50 -0600 From: Mike Meyer <mwm-dated-1047832791.f6bc73@mired.org> To: Ruben de Groot <fbsd-q@bzerk.org> Cc: Ryan Thompson <ryan@sasknow.com>, Paul Lathrop <plathrop@mqtweb.com>, freebsd-questions@FreeBSD.ORG Subject: Re: your mail Message-ID: <15982.4438.239810.828045@guru.mired.org> In-Reply-To: <20030311100729.GA95889@ei.bzerk.org> References: <5E789B70-538D-11D7-9C72-000393BF3DE2@mqtweb.com> <20030311004832.R34446-100000@ren.sasknow.com> <20030311100729.GA95889@ei.bzerk.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In <20030311100729.GA95889@ei.bzerk.org>, Ruben de Groot <fbsd-q@bzerk.org> typed: > True. But there is the suidperl binary to circumvent this. If your > /usr/bin/suidperl is suid root (which it is not by default I believe), > perl will honor the suid or sgid bits on your perlscripts. I'd still recommend sudo instead of suid perl scripts. While it's easier to write secure suid program in Perl than in C or the shell, it's still difficult enough that I'd prefer having one trusted program to writing a number of such scripts. <mike -- Mike Meyer <mwm@mired.org> http://www.mired.org/consulting.html Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15982.4438.239810.828045>