Re: suid-perl

To: debian-devel@lists.debian.org
Subject: Re: suid-perl
From: Michael Stone <mstone@itri.loyola.edu>
Date: Sun, 31 Jan 1999 17:24:23 -0500
Message-id: <[🔎] 19990131172423.B5391@frederick.itri.loyola.edu>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 19990131170519.A16021@perlsupport.com>; from Chip Salzenberg on Sun, Jan 31, 1999 at 05:05:19PM -0500
References: <E1068wg-00016a-00@gatekeeper.bcwhite.ml.org> <[🔎] 19990131004847.A31842@justice.loyola.edu> <[🔎] 19990131140716.C2824@cs.leidenuniv.nl> <[🔎] 19990131101750.A4506@frederick.itri.loyola.edu> <[🔎] 19990131170519.A16021@perlsupport.com>

Quoting Chip Salzenberg (chip@perlsupport.com):
> According to Michael Stone:
> > Quoting Wichert Akkerman (wakkerma@cs.leidenuniv.nl):
> > > What perl-suid should do is check the mountoptions for the filesystem on
> > > which the script resides and abort if that was mounted with nosuid.
> > > Should be quite simple actually..
> > 
> > But that's still not general enough. For example, you just missed the
> > case of noexec... The solution should be done at a higher level, IMHO...
> 
> Every OS has a different set of mount options that may or may not be
> relevant to setuid security.  I don't see what 'higher level' would be
> useful.

Well, maybe I'm not clear on what you/wichert would do instead. How are
you going to check this? 

Mike Stone

Reply to:

Follow-Ups:
- Re: suid-perl
  - From: Chip Salzenberg <chip@perlsupport.com>

References:
- Re: List of bugs that *must* be fixed before releasing Slink
  - From: Michael Stone <mstone@cs.loyola.edu>
- Re: List of bugs that *must* be fixed before releasing Slink
  - From: Wichert Akkerman <wakkerma@cs.leidenuniv.nl>
- Re: List of bugs that *must* be fixed before releasing Slink
  - From: Michael Stone <mstone@itri.loyola.edu>
- Re: suid-perl
  - From: Chip Salzenberg <chip@perlsupport.com>

Prev by Date: Re: Call for mascot! :-)
Next by Date: Re: suid-perl
Previous by thread: Re: suid-perl
Next by thread: Re: suid-perl
Index(es):
- Date
- Thread