In-Reply-To: <ep0tb0$f6e$1@taverner.cs.berkeley.edu>
References: <87r6toufpp.wl@betelheise.deep.net> <ep0tb0$f6e$1@taverner.cs.berkeley.edu>
Mime-Version: 1.0 (Apple Message framework v752.2)
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
Message-Id: <1D317613-B0B6-4517-81B5-DBF3978FA413@mac.com>
Cc: LKML Kernel <linux-kernel@vger.kernel.org>,
       Samium Gromoff <_deepfire@feelingofgreen.ru>
Content-Transfer-Encoding: 7bit
From: Kyle Moffett <mrmacman_g4@mac.com>
Subject: Re: [PATCH] Undo some of the pseudo-security madness
Date: Sun, 21 Jan 2007 19:36:27 -0500
To: David Wagner <daw-usenet@taverner.cs.berkeley.edu>
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1290
Lines: 26

On Jan 21, 2007, at 18:34:56, David Wagner wrote:
> [1] In comparison, suidperl was designed to be installed setuid- 
> root, and it takes special precautions to be safe in this usage.   
> (And even it has had some security vulnerabilities, despite its  
> best efforts, which illustrates how tricky this business can be.)   
> Setting the setuid-root bit on a large complex interpreter that  
> wasn't designed to be setuid-root seems like a pretty dubious  
> proposition to me.

Well, there's also the fact that Linux does *NOT* need suidperl, as  
it has proper secure support for suid pound-bang scripts anyways.   
The only reason for suidperl in the first place was broken operating  
systems which had a race condition between the operating system  
checking the suid bits and reading the '#! /usr/bin/perl' line in the  
file, and the interpreter getting executed and opening a different  
file (think symlink redirection attacks).  I believe Linux jumps  
through some special hoops to ensure that can't happen.

Cheers,
Kyle Moffett

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/