Support for file sharing over SMB/NFS
Matthias Hölzer-Klüpfel
mhk at kde.org
Wed Apr 17 20:45:46 BST 2002
On Wednesday 17 April 2002 08:30, David Faure wrote:
> > A setuid perl script? Do you believe this will pass any kind of security
> > audit?
>
> Actually yes, since it's much harder to make a buffer overrun in perl than
> in e.g. C.
> I'm no perl expert, but the writer of this script has already written many
> such scripts (most of Mandrake is done with perl scripts ;). And perl has
> special support for suid scripts (see description of the -T option in man
> perlrun for instance).
Well, buffer overruns are only a very small part that may be exploitable.
The real problem is this: Any suid program needs a thorough security audit.
And it is not enough to audit the program, also the environment has to be
audited. And this is why a (small) C programm is preferrable. You "only" have
to audit the code, and this little glibc.
With a perl script, you also have to audit the perl interpreter as well as all
modules it might load.
Anyway, the real problem is not the "perl script", but the "suid". "suid" is
evil, in whatever language you write the code ;)
Bye,
Matthias.
More information about the kde-core-devel
mailing list