Re: Authorization - Perl as helper tool vs. SUID
Re: Authorization - Perl as helper tool vs. SUID
- Subject: Re: Authorization - Perl as helper tool vs. SUID
- From: Sherm Pendley <email@hidden>
- Date: Tue, 11 Jan 2005 13:48:40 -0500
On Jan 11, 2005, at 6:38 AM, Freek Dijkstra wrote:
I recall that this is not Perl related, but a system-wide feature
enforced by most Unix kernels: it is not allowed to run a script with
setuid bit set. A script is defined as anything with a shebang (#!)
line. At least Linux has this feature, Darwin too apparently.
Nope:
Sherm-Pendleys-Computer:~ sherm$ cat hello.sh
#!/bin/sh
echo $UID
echo $EUID
Sherm-Pendleys-Computer:~ sherm$ ls -l hello.sh
-rwsr-sr-x 1 root admin 32 11 Jan 13:41 hello.sh
Sherm-Pendleys-Computer:~ sherm$ ./hello.sh
501
0
Poking around, I see a /dev/fd directory, and I find that BSD beginning
with 4.4 used it to avoid the race condition. So I think that Darwin
actually does have secure suid scripts, but Perl has been misconfigured
to believe it doesn't. :-(
sherm--
Cocoa programming in Perl: http://camelbones.sourceforge.net
Hire me! My resume: http://www.dot-app.org
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden