Date: Fri, 05 Jul 2002 00:35:04 +0900 From: "Akinori MUSHA" <knu@iDaemons.org> To: Tim Robbins <tjr@FreeBSD.ORG> Cc: Peter Pentchev <roam@ringlet.net>, audit@FreeBSD.ORG Subject: Re: suidperl Message-ID: <86r8ijpkuv.wl@daemon.musha.org> In-Reply-To: <20020704225009.A54167@dilbert.robbins.dropbear.id.au> References: <86sn2zpzmp.wl@daemon.musha.org> <20020704221031.A53275@dilbert.robbins.dropbear.id.au> <20020704121413.GB382@straylight.oblivion.bg>
next in thread | previous in thread | raw e-mail | index | archive | help
At Thu, 4 Jul 2002 22:50:09 +1000,
Tim Robbins wrote:
> In any case, the way /usr/bin/perl relies on PATH to find the interpreter
> is unsafe to a lesser degree even with the suid bit turned off.
Indeed. We must add the same check that the real suidperl has to the
wrapper.
By the way, do we really need a perl wrapper in the first place? I
suppose we can tweak ports/lang/perl5 to create symlinks (for example)
when NO_PERL_SYMLINKS is not defined.
--
/
/__ __ Akinori.org / MUSHA.org
/ ) ) ) ) / FreeBSD.org / Ruby-lang.org
Akinori MUSHA aka / (_ / ( (__( @ iDaemons.org / and.or.jp
"When I leave I don't know what I'm hoping to find
When I leave I don't know what I'm leaving behind.."
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86r8ijpkuv.wl>