Path: utzoo!attcan!uunet!aplcen!uakari.primate.wisc.edu!brutus.cs.uiuc.edu!lll-winken!elroy.jpl.nasa.gov!jpl-devvax!lwall
From: lwall@jpl-devvax.JPL.NASA.GOV (Larry Wall)
Newsgroups: comp.lang.perl
Subject: Re: suidperl & taintperl
Message-ID: <6962@jpl-devvax.JPL.NASA.GOV>
Date: 1 Feb 90 19:34:53 GMT
References: <15367@orstcs.CS.ORST.EDU> <6940@jpl-devvax.JPL.NASA.GOV> <JV.90Jan31134044@mhres.mh.nl>
Reply-To: lwall@jpl-devvax.JPL.NASA.GOV (Larry Wall)
Organization: Jet Propulsion Laboratory, Pasadena, CA
Lines: 16

In article <JV.90Jan31134044@mhres.mh.nl> jv@mh.nl (Johan Vromans) writes:
: 
:  1. Taintperl and suidperl could be combined. If setuid root it is
:     suidperl, taintperl otherwise.

Close, but not quite.  It's possible to have a system that needs suidperl
to be setuid root, but taintperl to not be setuid root because there
are still "wrapped" perl scripts, and running the setuid root suidperl would
destroy the current effective id.

:  2. They (it?) could be placed in the perl library instead of the
:     'public path'.

That's certainly a possibility.

Larry