Date: Fri, 11 Aug 2000 23:09:10 +0200 From: Neil Blakey-Milner <nbm@mithrandr.moria.org> To: Dima Ruban <dima@rdy.com> Cc: Peter Wemm <peter@netplex.com.au>, Christopher Masto <chris@netmonger.net>, "Chris D. Faulhaber" <jedgar@fxp.org>, Warner Losh <imp@FreeBSD.org>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/gnu/usr.bin/perl Makefile Message-ID: <20000811230910.A58926@mithrandr.moria.org> In-Reply-To: <200008112102.OAA19233@sivka.rdy.com>; from dima@rdy.com on Fri, Aug 11, 2000 at 02:02:13PM -0700 References: <200008112058.NAA92441@netplex.com.au> <200008112102.OAA19233@sivka.rdy.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri 2000-08-11 (14:02), Dima Ruban wrote: > > > How do you see that resulting in _more_ security holes? > > > If /usr/bin/suidperl doesn't exist and some program referes to it, it will > > > give you "command not found" (or similar) message. > > > > Because people start writing setuid "#! /bin/suidsh -p" scripts instead. > > And that is outright suicidal as it is guaranteed exploitable. It is also > > the very reason that suidperl exists. > > Following that logic people will nuke /usr/bin/su and replace it with suid to > root shell. People don't do it. They aren't _that_ stupid. If you didn't provide su, they would. That's the point. Neil -- Neil Blakey-Milner Sunesi Clinical Systems nbm@mithrandr.moria.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000811230910.A58926>