
Re: perl-suidperl changes between RHEL 3 & 4?



On 10/25/05, Ed Greshko <Ed Greshko greshko com> wrote:
> Brian Long wrote:
> > I have a setuid perl script with 4711 (-rws--x--x) permissions.  On RHEL
> > 3, I am able to execute this perl script as a normal user and obtain
> > root privileges as long as the perl-suidperl RPM is installed.  If that
> > RPM is not installed, the program cannot obtain root privileges.
> >
> > If I install the script on a RHEL 4 host with the same permissions and
> > perl-suidperl is installed, I get the following error:
> > Can't open perl script "/path/to/script": Permission denied.
> > Use -S to search $PATH for it.
> >
> > If I give the user read privileges on the script, the script runs with
> > root privileges.  Why are 4755 permissions required to get this working
> > on RHEL 4?  Maybe someone can hit me with a clue stick on the proper use
> > of perl-suidperl  :)  The she-bang is just #!/usr/bin/perl.
>
> I'd actually be asking why it ran on RHELv3.
>
> It just seems logical that in order to discover that the "executable" is
> a perl script the user must first be able to read the file.  If the user
> is allowed to discover something about the file before execution it's a
> bit like putting the cart before the horse.

This seems to be one of those things that were hammered down in perl
from 5.8.0 to 5.8.5. A lot of permission checking and such seems to
have been added after 5.8.2, which probably added perl's paranoia.

>
> Ed
>
>
> --
> You don't have to explain something you never said.
>                 -- Calvin Coolidge


--
Stephen J Smoogen.
CSIRT/Linux System Administrator
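
An added example, not part of the thread and not Red Hat's or Perl's own code: a Python audit helper that finds setuid `#!` scripts under a directory and flags those with the 4711-style mode from the question (executable but not readable by other users), the combination reported above as failing on RHEL 4. The function names and the choice to check only the "other" permission bits are assumptions of this example.

```python
import os
import stat
import sys


def classify(mode, head):
    """Classify a file from its st_mode and its first bytes."""
    if not stat.S_ISREG(mode) or not mode & stat.S_ISUID:
        return "not-setuid"
    if not head.startswith(b"#!"):
        return "setuid-binary"
    # Assumption of this example: only the "other" bits are checked,
    # matching the 4711 vs 4755 comparison in the thread.
    if mode & stat.S_IXOTH and not mode & stat.S_IROTH:
        # e.g. 4711: the mode the thread reports as "Permission denied" on RHEL 4
        return "setuid-script-unreadable"
    return "setuid-script-readable"  # e.g. 4755


def audit(root):
    """Return (path, octal mode, verdict) for each setuid #! script under root.

    Run with enough privilege to read the files, since the shebang check
    needs the first two bytes of each candidate.
    """
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
                if not stat.S_ISREG(st.st_mode) or not st.st_mode & stat.S_ISUID:
                    continue
                with open(path, "rb") as fh:
                    head = fh.read(2)
            except OSError:
                continue  # vanished, or unreadable even to the auditor
            verdict = classify(st.st_mode, head)
            if verdict.startswith("setuid-script"):
                findings.append((path, oct(stat.S_IMODE(st.st_mode)), verdict))
    return findings


if __name__ == "__main__":
    for path, mode, verdict in audit(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{mode}  {verdict}  {path}")
```

Every setuid script it lists is worth reviewing whichever verdict it gets; the "unreadable" ones are those that would hit the error quoted in the thread.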

