From owner-freebsd-chat Wed Sep 5 16:35:12 2001
Delivered-To: freebsd-chat@freebsd.org
Received: from moutvdom00.kundenserver.de (moutvdom00.kundenserver.de [195.20.224.149])
    by hub.freebsd.org (Postfix) with ESMTP id 949F937B405
    for ; Wed, 5 Sep 2001 16:35:07 -0700 (PDT)
Received: from [195.20.224.209] (helo=mrvdom02.schlund.de)
    by moutvdom00.kundenserver.de with esmtp (Exim 2.12 #2)
    id 15emC7-0005TT-00; Thu, 6 Sep 2001 01:34:55 +0200
Received: from p3ee2944f.dip.t-dialin.net ([62.226.148.79] helo=pc3)
    by mrvdom02.schlund.de with smtp (Exim 2.12 #2)
    id 15emC7-0006Db-00; Thu, 6 Sep 2001 01:34:55 +0200
Message-ID: <00c101c13662$c3716cd0$0364000a@abc>
From: "Nicolas Rachinsky"
To: "Piet Delport" , "Giorgos Keramidas"
Cc:
References: <999708032.3b96558062cd2@webmail.neomedia.it> <20010905204055.A268@athalon>
    <20010905215258.A4304@hades.hell.gr> <20010906005600.A4157@athalon>
Subject: Re: Scripts and setuid
Date: Thu, 6 Sep 2001 01:30:30 +0200
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4133.2400
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
Sender: owner-freebsd-chat@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.org

I don't know if this applies to FreeBSD, but I found the
following in the Perl documentation.

from perldoc perlsec:

Beyond the obvious problems that stem from giving special privileges to systems as flexible as scripts, on many versions of Unix, set-id scripts are inherently insecure right from the start. The problem is a race condition in the kernel.
Between the time the kernel opens the file to see which interpreter to run and when the (now-set-id) interpreter turns around and reopens the file to interpret it, the file in question may have changed, especially if you have symbolic links on your system.
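The window described in the perlsec excerpt above can be made visible by comparing the file an open descriptor refers to with the file the same name resolves to a moment later. The following C program is an added illustration, not part of the original message or of Perl or FreeBSD: it replays the two opens on constructed temporary files and shows why a check tied to the already-open descriptor is reliable while a second lookup by name is not. The function names and the file names under /tmp are assumptions made for the example.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* 1 if `path` now resolves to the file `fd` has open, 0 if not, -1 on error. */
int path_still_matches_fd(const char *path, int fd) {
    struct stat by_fd, by_path;
    if (fstat(fd, &by_fd) != 0 || stat(path, &by_path) != 0) return -1;
    return by_fd.st_dev == by_path.st_dev && by_fd.st_ino == by_path.st_ino;
}

static int write_file(const char *path, const char *text) {
    FILE *f = fopen(path, "w");
    if (!f) return -1;
    fputs(text, f);
    return fclose(f);
}

/* Replays the window on constructed temp files (hypothetical names).
   Returns before*10 + after from the check above, or -1 if setup fails. */
int replay_reopen_window(void) {
    char dir[] = "/tmp/setid-demo-XXXXXX";
    char a[64], b[64], name[64];
    if (!mkdtemp(dir)) return -1;
    snprintf(a, sizeof a, "%s/reviewed.sh", dir);
    snprintf(b, sizeof b, "%s/other.sh", dir);
    snprintf(name, sizeof name, "%s/script", dir);
    if (write_file(a, "#!/bin/sh\necho reviewed\n") || write_file(b, "#!/bin/sh\necho other\n")
        || symlink(a, name) != 0) return -1;

    int fd = open(name, O_RDONLY);                /* first open: reading the "#!" line */
    if (fd < 0) return -1;
    int before = path_still_matches_fd(name, fd); /* name and fd agree: 1 */

    /* The name is re-pointed between the first open and the reopen by name. */
    if (unlink(name) != 0 || symlink(b, name) != 0) return -1;
    int after = path_still_matches_fd(name, fd);  /* a reopen would get another file: 0 */

    close(fd); unlink(name); unlink(a); unlink(b); rmdir(dir);
    return before * 10 + after;
}

int main(void) {
    printf("before/after = %d\n", replay_reopen_window());
    return 0;
}
```

The descriptor from the first open still refers to the file that was inspected; only the lookup by name changed, which is why reading from the already-open descriptor avoids the second resolution entirely.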