New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
suidperl path disclosure #3732
Comments
From psz@maths.usyd.edu.ausuidperl can be used for path disclosure (to verify if a file exists when So far I have not been able to make suidperl do anything worse. I do not have a patch to fix this problem: looking in the source perl.c it Set things up as one user (e.g. root): # pwd As another (normal) user, use suidperl to disclose path info: milan> id Testing nosuch Testing file Testing sfile Perl Info
|
From guest@guest.guest.xxxxxxxxTicket ID 6511 is listed as "resolved"; however I do not see this Please re-open bug. Cheers, Paul |
From @iabynSince setuid perl has been removed from 5.12.0, and the 5.10.x |
@iabyn - Status changed from 'open' to 'rejected' |
Migrated from rt.perl.org#6511 (status was 'rejected')
Searchable as RT6511$
The text was updated successfully, but these errors were encountered: