[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: suid-perl

On 3 Feb 1999, Darren/Torin/Who Ever... wrote:

> Jules Bean, in an immanent manifestation of deity, wrote:
> >On Sun, 31 Jan 1999, Chip Salzenberg wrote:
> >> The code exists to check the mount options relevant to an open file.
> >> It's just a Small Matter of Programming to integrate that into the
> >> Perl source code, and disable emultation of setuid scripts when the
> >> 'nosuid' mount option is set.
> Well, while it's not a perfect fix (IMHO, that'd be stripping the suid
> bit in the system call), I've applied and tested Jarkko Hietaniemi's
> patch for perl-5.004.04.  If you try to run a suidperl script on a
> nosuid fs, you get 'permission denied'.  I've tested it on both slink
> and potato systems.  Please try it yourselves.


> >interpreted.  (Aside: Why hasn't linus patched the kernel so that suid
> >scripts are secure?  It's an easy task, surely?)
> I remember reading somewhere back in the 1.0 or .99 days that linus will 
> never implement suid scripts because they cause too many other holes.
> But note the age of the memory that would have to be and take it with
> much salt.

*sigh*  Has the ring of truth, though.

suid bits are insecure, full-stop.  Given that we have a sufficiently bad
(in particular, coarse-grained) security model that we need them, there
doesn't seem to be any particular value in restricting them to
executables.  After all, most security holes these days are buffer
overflows, and perl code is at least safe from those..


|  Jelibean aka  | jules@jellybean.co.uk         |  6 Evelyn Rd	       |
|  Jules aka     | jules@debian.org              |  Richmond, Surrey   |
|  Julian Bean   | jmlb2@hermes.cam.ac.uk        |  TW9 2TF *UK*       |
|  War doesn't demonstrate who's right... just who's left.             |
|  When privacy is outlawed... only the outlaws have privacy.          |

Reply to: