Date: Sat, 07 Sep 1996 12:11:18 +1000 From: Greg Healy <heagre@epoch.com.au> To: Branson Matheson <branson@widomaker.com> Cc: Paul Walsh <paul@nation-net.com>, questions@FreeBSD.org Subject: Re: suidperl from httpd not working Message-ID: <2.2.32.19960907021118.0092c6b4@mailhost.epoch.com.au>
next in thread | raw e-mail | index | archive | help
At 08:45 5/09/96 -0400, Branson Matheson wrote: >On Thu, 5 Sep 1996, Paul Walsh wrote: > >> Is there any way an httpd user (nobody) can run a setuid perl script through >> cgi? Does it have to be a 'real' user. > > This is a bad idea security wise. It would be much better if you were > to create a seperate user/httpd pair and run it like that. Isn't there a CERT advisory out for PERl 5.002 at this moment Sourced from ftp://ftp.cert.org/pub/cert_advisories/CA-96.12.suidperl_vul ============================================================================= CERT(sm) Advisory CA-96.12 Original issue date: June 26, 1996 Last revised: August 30, 1996 Information previously in the README was inserted into the advisory. A complete revision history is at the end of this file. Topic: Vulnerability in suidperl - ----------------------------------------------------------------------------- The CERT Coordination Center has received reports of a vulnerability in systems that contain the suidperl program and that support saved set-user-ID and saved set-group-ID. By exploiting this vulnerability, anyone with access to an account on such a system may gain root access. Saved set-user-IDs and set-group-IDs are sometimes referred to as POSIX saved IDs. suidperl is also known as sperl followed by a version number, as in sperl5.002. Perl versions 4 and 5 can be compiled and installed in such a way that they will be vulnerable on some systems. If you have installed the suidperl or sperl programs on a system that supports saved set-user-ID and set-group-ID, you may be at risk. The CERT Coordination Center recommends that you first disable the suidperl and sperl programs (Section III.A). If you need the functionality, we further recommend that you either apply a patch for this problem or install Perl version 5.003 (Section III.B). If neither a patch nor a new version are viable alternatives, we recommend installing the wrapper written by Larry Wall as a workaround for this problem (Section III.C). Greg -- Greg Healy ghealy@epoch.com.au Bimberi Systems Network Consultancy Mobile +61 419 401 747 FAX +61 6 291 4818
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2.2.32.19960907021118.0092c6b4>