Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

use Perl Log In

Log In

[ Create a new account ]

godoy (2167)

godoy
  (email not shown publicly)
http://www.g2ctech.com/
AOL IM: godoy0 (Add Buddy, Send Message)
Yahoo! ID: jgodoyf (Add User, Send Message)
Jabber: godoy@jabber.org

Never doubt how stupid people can be.

Journal of godoy (2167)

Sunday September 01, 2002
08:00 AM

SUID problem solved.

[ #7458 ]

I recompiled Perl, enabling the suid emulation.
Without that, it didn't work.

Thanks for everybody who helped and tried finding what was wrong.

Update: Read the comments, and don't do that. ;-)

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.
  • In the latest release of Perl, suidperl has been disabled for a reason. It just has too many ways of being exploited for security bypass.

    Please do what the FAQ says, and compile a little C wrapper around your script, or embed your script inside C program. It's not that hard: I've done it before.

    --
    • Randal L. Schwartz
    • Stonehenge
    • OK, OK... Your advice is very important.

      I'll do that. I think that the perlsec manpage should be updated and explain this.

      By the way, in 5.6.1 (that's the version I'm using):


      [godoy@wintermute ~]$ perldoc -q suid
      No documentation for perl FAQ keyword `suid' found
      [godoy@wintermute ~]$ perldoc -q SUID
      No documentation for perl FAQ keyword `SUID' found
      [godoy@wintermute ~]$ perldoc -q perlsuid
      No documentation for perl FAQ keyword `perlsuid' found
      [godoy@wintermute ~]$


      Thanks for the advice.
      --
      -- Godoy.