From owner-freebsd-hackers Mon Nov 25 11:32:55 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id LAA03173 for hackers-outgoing; Mon, 25 Nov 1996 11:32:55 -0800 (PST) Received: from mexico.brainstorm.eu.org (root@mexico.brainstorm.fr [193.56.58.253]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id LAA03135; Mon, 25 Nov 1996 11:32:49 -0800 (PST) Received: from brasil.brainstorm.eu.org (brasil.brainstorm.fr [193.56.58.33]) by mexico.brainstorm.eu.org (8.7.5/8.7.3) with ESMTP id UAA26241; Mon, 25 Nov 1996 20:32:35 +0100 Received: (from uucp@localhost) by brasil.brainstorm.eu.org (8.6.12/8.6.12) with UUCP id UAA06640; Mon, 25 Nov 1996 20:32:03 +0100 Received: (from roberto@localhost) by keltia.freenix.fr (8.8.3/keltia-uucp-2.9) id TAA07574; Mon, 25 Nov 1996 19:40:43 +0100 (MET) Message-ID: Date: Mon, 25 Nov 1996 19:40:43 +0100 From: roberto@keltia.freenix.fr (Ollivier Robert) To: ports@FreeBSD.org, hackers@FreeBSD.org Subject: Re: suidperl (v5.003) - Doesn't work, Any Tips? References: <199611250947.KAA16780@uriah.heep.sax.de> X-Mailer: Mutt 0.51 Mime-Version: 1.0 X-Operating-System: FreeBSD 3.0-CURRENT ctm#2738 In-Reply-To: <199611250947.KAA16780@uriah.heep.sax.de>; from J Wunsch on Nov 25, 1996 10:47:58 +0100 Sender: owner-hackers@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk According to J Wunsch: > This looks as if somebody stupidly assumed the Perl gods are DingTRT. > They aren't. The entire suidperl patches for BSD they've been > emitting don't work. The only thing that works is dropping support > for Posix saved IDs (which was the source of the known suidperl evil It works in Perl5.003_08, out-of-the-box. It doesn't use POSIX saved uid anymore. Perl5.004 will behave the same of course. 309 [19:36] roberto@keltia:~/tmp> ./setu argv[0] ./setu Perl=/usr/local/bin/perl Inside script real uid = 101 effective uid = 0 real gid = 10 2001 2000 117 100 21 20 15 8 6 5 2 0 10 effective gid = 10 2001 2000 117 100 21 20 15 8 6 5 2 0 10 setting effective uid to 1 real uid = 101 effective uid = 1 real gid = 10 2001 2000 117 100 21 20 15 8 6 5 2 0 10 effective gid = 10 2001 2000 117 100 21 20 15 8 6 5 2 0 10 setting effective uid to 0 real uid = 101 effective uid = 0 Here is the script: -rwsr-xr-x 1 root staff 418 Nov 25 19:37 setu #! /usr/local/bin/perl # print "argv[0]=$0 Perl=$^X\n"; print "\nInside script\n"; print "real uid = $<\n effective uid = $>\n"; print "real gid = $(\n effective gid = $)\n"; # print "\nsetting effective uid to 1\n"; $> = 1; $) = $(; print "real uid = $<\n effective uid = $>\n"; print "real gid = $(\n effective gid = $)\n"; print "\nsetting effective uid to 0\n"; $> = 0; print "real uid = $<\n effective uid = $>\n"; -- Ollivier ROBERT -=- The daemon is FREE! -=- roberto@keltia.freenix.fr FreeBSD keltia.freenix.fr 3.0-CURRENT #29: Sun Nov 24 16:05:46 MET 1996