discarding root privileges in suid perl

To: debian-devel@lists.debian.org
Subject: discarding root privileges in suid perl
From: Brian May <bam@debian.org>
Date: 16 Oct 2000 09:13:52 +1100
Message-id: <84lmvpg3bz.fsf@snoopy.apana.org.au>

Hello,

According to "man perlsec", line 300+, the following code should
destroy extra privileges in a suid root perl script:

      debug "5. killed_euid $EUID $UID\n";

      my @temp = ($EUID, $EGID);
      $EUID = $UID;    
      $EGID = $GID;    #      initgroups() also called!

      debug "6. killed_euid $EUID $UID\n";

      # Make sure privs are really gone
      ($EUID, $EGID) = @temp;

      debug "7. killed_euid $EUID $UID\n";

      die "Can't drop privileges"
        unless $UID == $EUID  && $GID eq $EGID;

(debug statements are my own - these just call print).

However, this is the response I get:

5. killed_euid 0 1003
6. killed_euid 1003 1003
7. killed_euid 0 1003
Can't drop privileges at /usr/local/authorisation/global.pm line 79.

line 5 is the original value of EUID and UID, line 6 is the privileges
after they have been dropped, why do they come back again in line 7?

Is the example in the man page wrong?
-- 
Brian May <bam@debian.org>

Reply to:

Follow-Ups:
- Re: discarding root privileges in suid perl
  - From: Ben Gertzfield <che@debian.org>
- Re: discarding root privileges in suid perl
  - From: miquels@cistron.nl (Miquel van Smoorenburg)

Prev by Date: Re: ITP: commonc++ and glcpu
Next by Date: packages up for adoption
Previous by thread: Re: ITP: commonc++ and glcpu
Next by thread: Re: discarding root privileges in suid perl
Index(es):
- Date
- Thread