From jmz@cabri.cnusc.fr  Mon Jan  2 18:23:23 1995
Received: from cnudns.cnusc.fr (cnudns.cnusc.fr [131.196.1.4]) by freefall.cdrom.com (8.6.9/8.6.6) with SMTP id SAA08536 for <FreeBSD-gnats-submit@freebsd.org>; Mon, 2 Jan 1995 18:23:21 -0800
Received: from cabri.obs-besancon.fr by cnudns.cnusc.fr; (5.65/1.1.8.2/19Aug94-8.2MPM)
	id AA10579; Tue, 3 Jan 1995 03:22:59 -0100
Received: by cabri.obs-besancon.fr (5.57/Ultrix3.0-C)
	id AA04193; Tue, 3 Jan 95 03:19:46 +0100
Message-Id: <9501030219.AA04193@cabri.obs-besancon.fr>
Date: Tue, 3 Jan 95 03:19:46 +0100
From: jmz@cabri.obs-besancon.fr
Reply-To: jmz@cabri.obs-besancon.fr
To: FreeBSD-gnats-submit@freebsd.org
Subject: suid perl scripts don't work
X-Send-Pr-Version: 3.2

>Number:         94
>Category:       bin
>Synopsis:       suid perl scripts don't work
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    core (FreeBSD core team)
>State:          closed
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jan  2 18:30:00 1995
>Closed-Date:    Thu Jan 12 14:37:07 PST 1995
>Last-Modified:
>Originator:     Jean-Marc Zucconi
>Release:        FreeBSD 2.0-RELEASE i386
>Organization:
Observatoire de Besancon
>Environment:

>Description:

	Setuid perl script always fail

>How-To-Repeat:
	
bash$ su
Password:
bash# echo Hi >bar ; chmod 600 bar
bash# cat >foo
#!/usr/bin/suidperl
$ENV{'PATH'} ='/sbin:/usr/bin:/bin';
$path = $ENV{'PATH'};
system("cat bar");
bash# chmod 4711 foo
bash# exit
bash$ ./foo
Can't open perl script "./foo": Permission denied
bash$ su
Password:
bash# chown root /usr/bin/suidperl
bash# chmod u+s /usr/bin/suidperl
bash# exit
bash$ ./foo
Can't swap uid and euid.


>Fix:
	
*** gnu/usr.bin/perl/perl/config.h~	Fri Nov  4 00:50:43 1994
--- gnu/usr.bin/perl/perl/config.h	Tue Jan  3 01:19:44 1995
***************
*** 134,140 ****
   *	subprocesses to which it must pass the filename rather than the
   *	file descriptor of the script to be executed.
   */
! /*#undef DOSUID		*/
  
  /* HAS_DUP2
   *	This symbol, if defined, indicates that the dup2 routine is available
--- 134,140 ----
   *	subprocesses to which it must pass the filename rather than the
   *	file descriptor of the script to be executed.
   */
! #define DOSUID		/**/
  
  /* HAS_DUP2
   *	This symbol, if defined, indicates that the dup2 routine is available
***************
*** 386,392 ****
   *	available to change the real, effective and saved gid of the current
   *	program.
   */
! #define	HAS_SETREGID		/**/
  
  /* HAS_SETREUID
   *	This symbol, if defined, indicates that the setreuid routine is
--- 386,392 ----
   *	available to change the real, effective and saved gid of the current
   *	program.
   */
! /*#define	HAS_SETREGID		/**/
  
  /* HAS_SETREUID
   *	This symbol, if defined, indicates that the setreuid routine is
***************
*** 397,403 ****
   *	available to change the real, effective and saved uid of the current
   *	program.
   */
! #define	HAS_SETREUID		/**/
  
  /* HAS_SETRGID
   *	This symbol, if defined, indicates that the setrgid routine is available
--- 397,403 ----
   *	available to change the real, effective and saved uid of the current
   *	program.
   */
! /*#define	HAS_SETREUID		/**/
  
  /* HAS_SETRGID
   *	This symbol, if defined, indicates that the setrgid routine is available
*** gnu/usr.bin/perl/sperl/Makefile~	Mon Jan  2 03:27:51 1995
--- gnu/usr.bin/perl/sperl/Makefile	Tue Jan  3 02:33:26 1995
***************
*** 22,26 ****
--- 22,29 ----
  MAN1=
  MLINKS+= perl.1 suidperl.1
  
+ BINOWN= root
+ BINMODE=4711
+ 
  .include "../../Makefile.inc"
  .include <bsd.prog.mk>
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: wollman 
State-Changed-When: Thu Jan 12 14:37:07 PST 1995 
State-Changed-Why:  
Fixed by Joerg in rev 1.6 of config.h. 
>Unformatted:



