On Fri, Apr 12, 2013 at 11:50:45PM +0100, Ben Hutchings wrote: > On Fri, Apr 12, 2013 at 05:38:38PM -0500, Peter Samuelson wrote: > > > > [Russ Allbery] > > > Oh, I thought they'd given up on Safe. For some reason it stuck in > > > my mind that it had too many issues and ended up being deprecated. > > > Apparently, I either made that up or misremembered something. > > > > Possibly you were thinking of suidperl, the hack to allow Perl programs > > to use setuid and setgid, working around the fact that most Unix > > kernels don't honor the setuid + setgid bits when launching #! scripts. > > suidperl was dropped some years ago because it had too many issues. > > No, it's this: > http://search.cpan.org/~rgarcia/Safe-2.35/Safe.pm > > (I seem to remember using a very early version of this, which was the > only way to run a CGI script in my web space at university. It was > definitely very restricted, but then I wasn't a particularly inventive > Perl programmer.)
Does <http://www.oucs.ox.ac.uk/web/faq/index.xml?ID=safeperl> ring any bells? :) I don't think the code which uses Safe.pm to implement that environment (a perl program called cgiperl, plus a SUID root wrapper for privilege management) is really released anywhere, but it is just about limping along, although I seem to recall that we haven't managed to get it to work with anything more recent than 5.10 yet. Cheers, Dominic. -- Dominic Hargreaves | http://www.larted.org.uk/~dom/ PGP key 5178E2A5 from the.earth.li (keyserver,web,email) -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130413103912.gp4...@urchin.earth.li