On Wed, Apr 07, 2004 at 08:14:50PM -0400, Cees Hek wrote: > According to the perlsec docs, suidperl should not be called directly as > it is currently done in qmail-scanner. perl will automatically call > suidperl if it sees that the perl script has the suid bit set.
Humph. That was only done in the first place to work around a certain OS's (rhymes with "Solaris") broken perl installs. I will remove the usage of "/usr/bin/suidperl" from the next release - i.e. to do it the "right" way again. -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ Qmail-scanner-general mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
