Re: Authorization - Perl as helper tool vs. SUID
Re: Authorization - Perl as helper tool vs. SUID
- Subject: Re: Authorization - Perl as helper tool vs. SUID
- From: Sherm Pendley <email@hidden>
- Date: Tue, 11 Jan 2005 13:25:25 -0500
On Jan 11, 2005, at 6:38 AM, Freek Dijkstra wrote:
I recall that this is not Perl related, but a system-wide feature
enforced by most Unix kernels: it is not allowed to run a script with
setuid bit set. A script is defined as anything with a shebang (#!)
line. At least Linux has this feature, Darwin too apparently.
Like I said in my message, it doesn't really matter whether Darwin has
truly secure suid scripts, because the Perl that ships with the OS has
been configured to behave as if it does not. Thus, it checks the suid
bit on the script, and refuses to run if it's set - that is definitely
a Perl feature, not a kernel feature. It's configured when Perl is
built.
FWIW, Bash and Python scripts will both run suid without complaint.
I saw a notice from someone saying that perl has some workarounds.
They're listed in the Perl docs - I'm aware of them. The question
wasn't really *how* to get my script to run suid, it's whether doing so
is truly necessary.
Thanks though.
It didn't list any specifics though.
"man perlsec" does. :-)
sherm--
Cocoa programming in Perl: http://camelbones.sourceforge.net
Hire me! My resume: http://www.dot-app.org
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden