Re: perl-suidperl changes between RHEL 3 & 4?

[Ed Greshko <Ed Greshko greshko com>]

Brian Long wrote:
> I have a setuid perl script with 4711 (-rws--x--x) permissions.  On RHEL
> 3, I am able to execute this perl script as a normal user and obtain
> root privileges as long as the perl-suidperl RPM is installed.  If that
> RPM is not installed, the program cannot obtain root privileges.
> 
> If I install the script on a RHEL 4 host with the same permissions and
> perl-suidperl is installed, I get the following error:
> Can't open perl script "/path/to/script": Permission denied.
> Use -S to search $PATH for it.
> 
> If I give the user read privileges on the script, the script runs with
> root privileges.  Why are 4755 permissions required to get this working
> on RHEL 4?  Maybe someone can hit me with a clue stick on the proper use
> of perl-suidperl  :)  The she-bang is just #!/usr/bin/perl.

I'd actually be asking why it ran on RHELv3.

It just seems logical that in order to discover that the "executable" is
a perl script the user must first be able to read the file.  If the user
is allowed to discover something about the file before execution it's a
bit like putting the cart before the horse.

Ed


-- 
You don't have to explain something you never said.
		-- Calvin Coolidge