Path: utzoo!utgpu!jarvis.csri.toronto.edu!rutgers!orstcs!sapphire!pvo3366
From: pvo3366@sapphire.OCE.ORST.EDU (Paul O'Neill)
Newsgroups: comp.lang.perl
Subject: Re: suidperl & taintperl
Summary: SPOILER! (perl whining revealed)
Keywords: kernel patching, complaining
Message-ID: <15475@orstcs.CS.ORST.EDU>
Date: 4 Feb 90 02:54:54 GMT
References: <15367@orstcs.CS.ORST.EDU> <6940@jpl-devvax.JPL.NASA.GOV>
Sender: usenet@orstcs.CS.ORST.EDU
Reply-To: pvo3366@sapphire.OCE.ORST.EDU (Paul O'Neill)
Organization: Coastal Imaging Lab, Oregon State University, Corvallis, OR
Lines: 46

In perl man page lwall@jpl-devvax.JPL.NASA.GOV (Larry Wall) writes:

>                ......      If the kernel feature isn't disabled,
>     perl  will  complain  loudly  that  your  setuid  script  is
>     insecure.  

It sure does:-)
YOU HAVEN'T DISABLED SET-ID SCRIPTS IN THE KERNEL YET!
FIX YOUR KERNEL, PUT A C WRAPPER AROUND THIS SCRIPT, OR USE -u AND UNDUMP!

How does this increase security of suid/sgid perl scripts?  

In article <6940@jpl-devvax.JPL.NASA.GOV> lwall@jpl-devvax.JPL.NASA.GOV (Larry Wall) writes:
>
>	......  Normal perl detects whether
>	a script is running set[ug]id, or wants to run set[ug]id, and calls
>	taintperl or suidperl automatically.

So, since perl is going to feed your suid perl script to taintperl to
do lots of testing for dumb mistakes, why does it care that your kernel
would allow csh or sh to interpret dumb csh or sh suid scripts?

>	suidperl has the taintchecks plus a mechanism for emulating setuid
>	scripts on machine where setuid scripts have been disabled in the kernel
>	It is useless unless they have been disabled.
 	^^^^^^^^^^^^
>	I can't think of any reason for using suidperl directly.

I found a great use for suidperl.  I invoke it directly on my suid perl 
script, or start the suid perl script with the line:
#!/usr/local/bin/suidperl

And the loud complaining about the kernel patch goes away!!
(Now I get to see all the loud complaining about insecure paths, etc.,
neat stuff.)  Is this a nasty that should be fixed?  If so, why?  Am I
asking for trouble doing this w/o the kernel patches?  Can I still 
consider my "perl script ... more secure than the corresponding C program"?

PS -- any pointers to how this kernel patching is done on assorted Sun's
at 4.0.x and NeXT's would be greatly appreciated.


Paul O'Neill                 pvo@oce.orst.edu
Coastal Imaging Lab
OSU--Oceanography
Corvallis, OR  97331         503-754-3251