[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: klik, loop mounts, and insecurity [was: statement from one of the klik project members]

Sam Morris wrote:
> If suidperl does not ensure that the scripts it interprets have the suid 
> bit set, then shouldn't a critical bug be filed?

The nosuid mount option does not cause the suid bit to be unset, it
causes the kernel to not honor it when executing binaries. This doesn't
work for programs like suidperl that deal with suid bits on their own.

With that said, suidperl has been modified since that man page was
written to detect nosuid filesystems on its own:

Setuid script "./foo.pl" on nosuid filesystem.

see shy jo

Attachment: signature.asc
Description: Digital signature

Reply to: