Hi folks--
In responding to the recently disclosed security bugs in suidperl, we applied
the given patches, only to find out that setuid perl scripts no longer work
on any of our Alphas :(
I preceded to get the perl-5.003 sources from CPAN and compiled them on
an OSF/1 3.0 system. I used pretty much all of the defaults for dec_osf
and selected 'yes' for setuid emulation. I now have a perl-5.003 installation
that won't execute any setuid perl code unless I invoke the script as root!
For example, given a setuid script:
#!/loc/lang/perl-5.003/bin/perl
umask 0077;
open(THING, ">/home/tcs/jrozes/thing.pid") || die "$!\n";
print THING "$$\n";
close THING;
exit 3;
This works fine when the script is non-setuid. Once I change the permissions
on the script though (to 4700, owned by me), it only works if I invoke it as
the root user. Invoking it as myself or any other non-priviledged user does
nothing; the script is not executed, and I just get another shell prompt
and an exit code of 0. I've tried this with other simple scripts (even just
a simple 'print "hello world"') and the same thing happens every time.
I repeated the above on a dUX 3.2d system with the same results.
[Note: this problem occurs with both our perl4 and perl5 interpreters.]
Any clues on how I can get a working suidperl would be greatly appreciated!
Thanks,
jonathan
--
+++ Jonathan Rozes, Unix Systems Administrator, Tufts University
++ jrozes_at_tcs.tufts.edu, http://rozes.tcs.tufts.edu/
+ Ultimately, thinking is a very inefficient method of processing
data.... [Surfing the Himalayas, 0-312-14147-5]
Received on Mon Jul 01 1996 - 18:56:19 NZST