Date: Thu, 03 Jan 2002 11:26:14 -0800 From: "Kevin Oberman" <oberman@es.net> To: Devdas Bhagat <devdas@worldgatein.net> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Setuid. Message-ID: <200201031926.g03JQFd04599@ptavv.es.net> In-Reply-To: Your message of "Fri, 04 Jan 2002 01:49:21 %2B0530." <20020104014921.G3077@rivendell.worldgatein.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> Date: Fri, 4 Jan 2002 01:49:21 +0530 > From: Devdas Bhagat <devdas@worldgatein.net> > Sender: owner-freebsd-questions@FreeBSD.ORG > > On 03/01/02 09:32 -0800, Milo Hyson wrote: > <snip> > > Actually, I would like to know a decent solution to this issue. I often need > > SUID Perl scripts myself, and I don't want to have to disable security > > features or resort to a C wrapper. > Linux has this concept called suidperl, which is supposed to be enabled > for suid scripts. Is there an equivalent in FreeBSD? Actually, suidperl is an optional part of Perl and not Linux related. Linux uses suidperl while most (all?) BSDs disable this capability by default due to security concerns. No reason you can't enable it, but be aware that you may easily open security holes this way and be VERY careful with it. To enable suidperl, add the line: ENABLE_SUIDPERL= true to /etc/make.conf. If your system lacks this file, create it with the single line. Then re-build your system. It will build with suidperl. (Why do I suspect a query about re-building will be popping up soon?) R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200201031926.g03JQFd04599>