On Wed, 2005-11-16 at 14:30, [EMAIL PROTECTED] wrote: > > Suidperl should be owned by root and suid, perl should not. The point > > of the separate suid binary is that it does some additional checking > > and works around the usual race conditions when kernels do the > > suid handling for scripts. > > OK, that clarifies things, thanks a lot, Les. Then I should be doing the > opposite of what I was doing: > > # chmod u+s /usr/bin/suidperl > > And running the script with that...
On a normal system, perl notices the suid bit on a script itself and invokes suidperl if it is installed. > http://www.novell.com/linux/security/advisories/2004_43_cyrus_imapd.html > says in point 5: > > - suidperl > SUSE LINUX 9.2 follows the new upstream policy to install > /usr/bin/suidperl as hardlink to /usr/bin/perl. In previous perl > versions it used to be a hardlink to /usr/bin/sperl*. Therefore one > must not set a setuid bit on /usr/bin/suidperl as suggested in the > RPM package description of perl. Set the bit on /usr/bin/sperl5.8.5 > instead if you really need the suid feature. This is too weird for me. I don't have any idea how it is supposed to work > Basically, /usr/bin/perl, /usr/bin/perl5.8.X, and /usr/bin/suidperl are all > hardlinks to the same thing, and /usr/bin/sperl5.8.X is a different > executable, the one whose suid bit should be changed if necessary, instead > of /usr/bin/suidperl. So if you try to run it with perl, does it end up running sperl5.8.x and working? -- Les Mikesell [EMAIL PROTECTED] ------------------------------------------------------- This SF.Net email is sponsored by the JBoss Inc. Get Certified Today Register for a JBoss Training Course. Free Certification Exam for All Training Attendees Through End of 2005. For more info visit: http://ads.osdn.com/?ad_id=7628&alloc_id=16845&op=click _______________________________________________ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/backuppc-users http://backuppc.sourceforge.net/
