use Perl

• Please don't do this! (Score:2)

  by merlyn (47)

  In the latest release of Perl, suidperl has been disabled for a reason. It just has too many ways of being exploited for security bypass.

  Please do what the FAQ says, and compile a little C wrapper around your script, or embed your script inside C program. It's not that hard: I've done it before.

  --
  

  • Randal L. Schwartz
  • Stonehenge
  • Re:Please don't do this! (Score:1)

    by godoy (2167)

    OK, OK... Your advice is very important.
    
    I'll do that. I think that the perlsec manpage should be updated and explain this.
    
    By the way, in 5.6.1 (that's the version I'm using):
    
    
[godoy@wintermute ~]$ perldoc -q suid
No documentation for perl FAQ keyword `suid' found
[godoy@wintermute ~]$ perldoc -q SUID
No documentation for perl FAQ keyword `SUID' found
[godoy@wintermute ~]$ perldoc -q perlsuid
No documentation for perl FAQ keyword `perlsuid' found
[godoy@wintermute ~]$

    
    Thanks for the advice.

    --
    -- Godoy.
    • Re:Please don't do this! (Score:1)

      by Dom2 (2981)

      When you call it by it's proper name, you get slightly different results:

      % perldoc -q setuid

      -Dom
      • Re:Please don't do this! (Score:1)

        by godoy (2167)

        This FAQ only redirects to perlsec. As I said, the perlsec man page should be updated including that using SUID or SGID scripts in Perl should be done through a wrapper.

        --
        -- Godoy.