discarding root privileges in suid perl
Hello,
According to "man perlsec", line 300+, the following code should
destroy extra privileges in a suid root perl script:
debug "5. killed_euid $EUID $UID\n";
my @temp = ($EUID, $EGID);
$EUID = $UID;
$EGID = $GID; # initgroups() also called!
debug "6. killed_euid $EUID $UID\n";
# Make sure privs are really gone
($EUID, $EGID) = @temp;
debug "7. killed_euid $EUID $UID\n";
die "Can't drop privileges"
unless $UID == $EUID && $GID eq $EGID;
(debug statements are my own - these just call print).
However, this is the response I get:
5. killed_euid 0 1003
6. killed_euid 1003 1003
7. killed_euid 0 1003
Can't drop privileges at /usr/local/authorisation/global.pm line 79.
line 5 is the original value of EUID and UID, line 6 is the privileges
after they have been dropped, why do they come back again in line 7?
Is the example in the man page wrong?
--
Brian May <bam@debian.org>
Reply to: