[opensuse] Suse 10.1 - suidperl isn't setuid - what's the right way to fix this?
On my SUSE 10.1 system, suidperl doesn't have its setuid bit set. Normally this would be easy to fix -- just set it. But /usr/bin/suidperl and /usr/bin/perl appear to be hardlinks to the same file, so if I set the suid bit on /usr/bin/suidperl, *all* perl scripts end up running as root -- definitely *not* what I want! I assume there's some "right" way to do this I'm overlooking. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
David Brodbeck wrote:
On my SUSE 10.1 system, suidperl doesn't have its setuid bit set. Normally this would be easy to fix -- just set it. But /usr/bin/suidperl and /usr/bin/perl appear to be hardlinks to the same file, so if I set the suid bit on /usr/bin/suidperl, *all* perl scripts end up running as root -- definitely *not* what I want! I assume there's some "right" way to do this I'm overlooking.
Never mind...some more Googling found an obscure reference (in a cyrus-imapd security announcement, of all places) to setting the suid bit on /usr/bin/sperl5.8.8 instead. That took care of it. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Tuesday 2007-02-27 at 14:03 -0800, David Brodbeck wrote:
David Brodbeck wrote:
On my SUSE 10.1 system, suidperl doesn't have its setuid bit set. Normally this would be easy to fix -- just set it. But /usr/bin/suidperl and /usr/bin/perl appear to be hardlinks to the same file, so if I set the suid bit on /usr/bin/suidperl, *all* perl scripts end up running as root -- definitely *not* what I want! I assume there's some "right" way to do this I'm overlooking.
Never mind...some more Googling found an obscure reference (in a cyrus-imapd security announcement, of all places) to setting the suid bit on /usr/bin/sperl5.8.8 instead. That took care of it.
;-) It is documented by SuSE: /etc/permissions: # # legacy # # don't set the setuid bit on suidperl! Set it on sperl instead if # you really need it as suidperl is a hardlink to perl nowadays. /usr/bin/suidperl root:root 755 - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFF5LYitTMYHG2NR9URAg90AJ4ieTu2uwwqGh+IkIO5b4Qvuj8ClACZAdMT oCiAlNfqU2LcfZ5sOdtGVso= =twiO -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (2)
-
Carlos E. R. -
David Brodbeck