Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!news.wildstar.net!news.ececs.uc.edu!newsfeeds.sol.net!news.maxwell.syr.edu!news.mathworks.com!fu-berlin.de!irz401!orion.sax.de!uriah.heep!news From: j@uriah.heep.sax.de (J Wunsch) Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: perl binary: does it include suid patch? Date: 16 Feb 1997 20:59:51 GMT Organization: Private BSD site, Dresden Lines: 16 Message-ID: <5e7sg7$qo0@uriah.heep.sax.de> References: <fred-1202971050040001@dcs73.dcs-chico.com> Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch) NNTP-Posting-Host: localhost.heep.sax.de Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Newsreader: knews 0.9.6 X-Phone: +49-351-2012 669 X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F 93 21 E0 7D F9 12 D6 4E Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:35622 fred@lightside.net (Fred Condo) wrote: > Does the perl binary installed with FreeBSD 2.1.5 and up incorporate the > suid security patch of 24 June 1996? No, but this patch proved to be broken anyway. (It resulted in a do-nothing operation of suidperl.) Instead, FreeBSD's suidperl simply doesn't use the offending Posix Saved IDs feature that was causing the security problem in the first place. -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)