On Wed, 11 May 2011 11:59:48 +0200 Jonathan McKeown j.mcke...@ru.ac.za
wrote:
On Wednesday 11 May 2011 04:19:29 Devin Teske wrote:
The reason that the suid bit doesn't work on scripts (shell, perl, or
otherwise) is because these are essentially text files that are interpreted
by their
On 05/13/2011 14:34, Alejandro Imass wrote:
On Fri, May 13, 2011 at 6:07 AM, Chris Telting
christopher...@telting.org wrote:
On 05/13/2011 01:32, krad wrote:
[...]
me ask you.. is sudo ping acceptable? Please explain the logical reason
why not. It would be the preferred method if suid didn't
Chris == Chris Telting christopher...@telting.org writes:
Chris I honestly tried when I posted the question to avoid the question
Chris of right or wrong. I simply have one opinion for my own need and
Chris preference and don't want to go into rigid detail and did not
Chris mean to reopen the
On 15 May 2011 15:30, Randal L. Schwartz mer...@stonehenge.com wrote:
Chris == Chris Telting christopher...@telting.org writes:
Chris I honestly tried when I posted the question to avoid the question
Chris of right or wrong. I simply have one opinion for my own need and
Chris preference and
Chris Telting christopher...@telting.org wrote:
let me ask you.. is sudo ping acceptable? Please explain the
logical reason why not. It would be the preferred method if suid
didn't exist and sudo was part of the base system.
Without suid there would be no sudo ;)
Part of the reason for ping
Pan == Pan Tsu iny...@gmail.com writes:
Pan ...a shebang can be written with sudo in mind, e.g.
Pan #! /usr/bin/env -S sudo sh
Pan id
(Untested) why not just #!/usr/local/bin/sudo ? It'll be given the
filename as an argument.
Aside: In general, almost every use of #!/usr/bin/env XXX as a
On Sat, May 14, 2011 at 3:09 PM, Randal L. Schwartz
mer...@stonehenge.com wrote:
Pan == Pan Tsu iny...@gmail.com writes:
[...]
(Untested) why not just #!/usr/local/bin/sudo ? It'll be given the
filename as an argument.
Precisely. I think this thread should be forked to something like
suid
On Thursday 12 May 2011 17:26:49 Chris Telting wrote:
On 05/12/2011 07:57, Jonathan McKeown wrote:
I'll say that again. It is inherently insecure to run an interpreted
program set-uid, because the filename is opened twice and there's no
guarantee that someone hasn't changed the contents
On 13 May 2011 08:32, Jonathan McKeown j.mcke...@ru.ac.za wrote:
On Thursday 12 May 2011 17:26:49 Chris Telting wrote:
On 05/12/2011 07:57, Jonathan McKeown wrote:
I'll say that again. It is inherently insecure to run an interpreted
program set-uid, because the filename is opened
On 05/13/2011 00:32, Jonathan McKeown wrote:
On Thursday 12 May 2011 17:26:49 Chris Telting wrote:
On 05/12/2011 07:57, Jonathan McKeown wrote:
I'll say that again. It is inherently insecure to run an interpreted
program set-uid, because the filename is opened twice and there's no
guarantee
On 05/13/2011 01:32, krad wrote:
what i cant understand is the complete aversion to sudo. Could you
shed any light on why you are trying to avoid a tried and tested method.
That I freely admit is for no rational reason. It's just annoying. But
let me ask you.. is sudo ping acceptable? Please
On 13 May 2011 11:07, Chris Telting christopher...@telting.org wrote:
On 05/13/2011 01:32, krad wrote:
what i cant understand is the complete aversion to sudo. Could you shed
any light on why you are trying to avoid a tried and tested method.
That I freely admit is for no rational reason.
Chris Telting christopher...@telting.org writes:
On 05/13/2011 01:32, krad wrote:
what i cant understand is the complete aversion to sudo. Could you
shed any light on why you are trying to avoid a tried and tested
method.
That I freely admit is for no rational reason. It's just annoying.
C
On Friday, 13 May 2011, Pan Tsu iny...@gmail.com wrote:
Chris Telting christopher...@telting.org writes:
On 05/13/2011 01:32, krad wrote:
what i cant understand is the complete aversion to sudo. Could you
shed any light on why you are trying to avoid a tried and tested
method.
That I
On 05/11/2011 07:14, Jerry McAllister wrote:
On Tue, May 10, 2011 at 05:54:04PM -0700, Chris Telting wrote:
I've googled for over an hour.
I'm not looking to get into a discussion on security or previous bugs
that are currently fixed. Suid in and of itself is a security issue.
But if you are
On Thu, May 12, 2011 at 07:13:50AM -0700, Chris Telting wrote:
On 05/11/2011 07:14, Jerry McAllister wrote:
On Tue, May 10, 2011 at 05:54:04PM -0700, Chris Telting wrote:
I've googled for over an hour.
I'm not looking to get into a discussion on security or previous bugs
that are
On Thursday 12 May 2011 16:13:50 Chris Telting wrote:
On 05/11/2011 07:14, Jerry McAllister wrote:
On Tue, May 10, 2011 at 05:54:04PM -0700, Chris Telting wrote:
I've googled for over an hour.
I'm not looking to get into a discussion on security or previous bugs
that are currently
On 05/12/2011 07:57, Jonathan McKeown wrote:
On Thursday 12 May 2011 16:13:50 Chris Telting wrote:
On 05/11/2011 07:14, Jerry McAllister wrote:
On Tue, May 10, 2011 at 05:54:04PM -0700, Chris Telting wrote:
I've googled for over an hour.
I'm not looking to get into a discussion on security
Chris Telting christopher...@telting.org wrote:
Seemed like I read that historically unix ran the #! command
as the suid when it executed the file. Did Freebsd delete
that functionality? (Otherwise how did suid scripts get the
bad reputation if they could never execute suid.)
There have
Here is some information on what perl does:
http://www.washington.edu/perl5man/pod/perlsec.html
Also there is an option (not chosen by default) in the perl port to
enable setuid.
Riaan
___
freebsd-questions@freebsd.org mailing list
On Wednesday 11 May 2011 04:19:29 Devin Teske wrote:
The reason that the suid bit doesn't work on scripts (shell, perl, or
otherwise) is because these are essentially text files that are interpreted
by their associated interpreter. It is the interpreter itself that must be
suid.
I'm pretty
On Tue, May 10, 2011 at 05:54:04PM -0700, Chris Telting wrote:
I've googled for over an hour.
I'm not looking to get into a discussion on security or previous bugs
that are currently fixed. Suid in and of itself is a security issue.
But if you are using suid it it should work; I don't
On Wed, May 11, 2011 at 10:14 AM, Jerry McAllister jerr...@msu.edu wrote:
On Tue, May 10, 2011 at 05:54:04PM -0700, Chris Telting wrote:
I've googled for over an hour.
As other have said suiding on scripts is not allowed in modern
versions of Unix. What I do for example, is create small C
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 5/11/11 12:31 PM, Alejandro Imass wrote:
On Wed, May 11, 2011 at 10:14 AM, Jerry McAllister jerr...@msu.edu wrote:
On Tue, May 10, 2011 at 05:54:04PM -0700, Chris Telting wrote:
I've googled for over an hour.
As other have said suiding on
I've googled for over an hour.
I'm not looking to get into a discussion on security or previous bugs
that are currently fixed. Suid in and of itself is a security issue.
But if you are using suid it it should work; I don't want to use a
kludge and I don't want to use sudo. I'm hoping it's
On Tue, 10 May 2011 21:43:43 -0400, Daniel Staal dst...@usa.net wrote:
One thought: What's the output of 'mount' for the slice you are trying to
run this script from? (Suid can be blocked on a per-mountpoint basis.)
Just for terminology: You mount a partition, _not_ a slice,
so mount operates
--As of May 11, 2011 3:55:03 AM +0200, Polytropon is alleged to have said:
On Tue, 10 May 2011 21:43:43 -0400, Daniel Staal dst...@usa.net wrote:
One thought: What's the output of 'mount' for the slice you are trying
to run this script from? (Suid can be blocked on a per-mountpoint
basis.)
On May 10, 2011, at 5:54 PM, Chris Telting wrote:
I've googled for over an hour.
I'm not looking to get into a discussion on security or previous bugs that
are currently fixed. Suid in and of itself is a security issue. But if you
are using suid it it should work; I don't want to use a
On 05/10/2011 19:19, Devin Teske wrote:
On May 10, 2011, at 5:54 PM, Chris Telting wrote:
I've googled for over an hour.
I'm not looking to get into a discussion on security or previous bugs that are
currently fixed. Suid in and of itself is a security issue. But if you are
using suid it
29 matches
Mail list logo