Skip Menu |
Report information
Id: 1565
Status: resolved
Priority: 0/
Queue: perl5

Owner: Nobody
Requestors: musta [at] eve.info.umoncton.ca
Cc:
AdminCc:

Operating System: (no value)
PatchStatus: (no value)
Severity: medium
Type: notabug
Perl Version: (no value)
Fixed In: (no value)



Date: Mon, 4 Oct 1999 15:24:51 -0300 (ADT)
From: "Mustapha A. Obeid" <musta [...] eve.info.umoncton.ca>
To: perlbug [...] perl.com
Subject: No -e allowed in setuid scripts
Download (untitled) / with headers
text/plain 3.3k
The following code fragment extracts a user's group id and verifies whether the user belongs to an authorized group to run the program. ----------------------------------------------------------- ($UserName) = getpwuid($<); ($GroupString) = $(; @Array_Of_GroupIDs = split (/ /, $GroupString); $Counter = 0; $Is_Authorized = 0; while ($Array_Of_GroupIDs[$Counter] ne "") { if ($Array_Of_GroupIDs[$Counter] eq "55") { $Is_Authorized = 1; } $Counter++; } if ($Is_Authorized == 0) { print ("You are not authorized to run this program.\n"); print ("This incident will be reported!\n"); } ----------------------------------------------------------- Now when I compile the above (using "perlcc"), i get the following: ----------------------------------------------------------- % perlcc usergroup.p -------------------------------------------------------------------------------- Compiling usergroup.p: -------------------------------------------------------------------------------- Making C(usergroup.p.c) for usergroup.p! /usr/bin/perl -I/opt/local/lib/perl5/5.00502/sun4-solaris-thread -I/opt/local/lib/perl5/5.00502 -I/opt/local/lib/perl5/site_perl/5.005/sun4-solaris-thread -I/opt/local/lib/perl5/site_perl/5.005 -I. -MO=CC,-ousergroup.p.c usergroup.p usergroup.p syntax OK Compiling C(usergroup) for usergroup.p! /usr/bin/perl -I/opt/local/lib/perl5/5.00502/sun4-solaris-thread -I/opt/local/lib/perl5/5.00502 -I/opt/local/lib/perl5/site_perl/5.005/sun4-solaris-thread -I/opt/local/lib/perl5/site_perl/5.005 -I. /tmp/usergroup.p.tst cc -D_REENTRANT -I/opt/local/include -I/opt/gnu/include -O -I/opt/local/lib/perl5/5.00502/sun4-solaris-thread/CORE /opt/local/lib/perl5/5.00502/sun4-solaris-thread/auto/Fcntl/Fcntl.so -o usergroup usergroup.p.c -L/opt/local/lib -L/opt/gnu/lib -L/opt/local/lib/perl5/5.00502/sun4-solaris-thread/CORE -lperl -lsocket -lnsl -ldl -lm -lposix4 -lpthread -lc -lcrypt % ----------------------------------------------------------- The compilation seems to have gone fine. However, when I "chown" the binary to "root", then "chmod" it to "4755" (or -rwsr-xr-x), and try to run it I get the following: ----------------------------------------------------------- % uname -rs SunOS 5.6 % id uid=1519(obeidm) gid=55(controls) % ls -ls ./usergroup 1632 -rwsr-xr-x 1 root controls 837616 Sep 30 14:46 ./usergroup % file ./usergroup ./usergroup: ELF 32-bit MSB executable SPARC Version 1, dynamically linked, not stripped % ./usergroup No -e allowed in setuid scripts. ----------------------------------------------------------- But then, I get the following when I run the set-user-id script: ----------------------------------------------------------- % ls -ls ./usergroup.p 2 -rwsr-xr-x 1 root controls 495 Oct 1 15:18 ./usergroup.p % file ./usergroup.p ./usergroup.p: set-uid executable /opt/local/bin/perl script % ./usergroup.p You are not authorized to run this program. This incident will be reported! ----------------------------------------------------------- which is what it is supposed to be with the binary. How come I get the above error message ("No -e allowed in setuid scripts") when I run the set-user-id binary, while the set-user-id script runs fine? I thought that might be a bug that should be reported to you. Oh, I'm running version version 5.005_02. Thanks! -Mustapha
Date: 4 Oct 1999 18:45:42 -0000
From: richard [...] tmtowtdi.perl.org
To: perl5-porters [...] perl.org
Subject: [ID 19991004.003] No -e allowed in setuid scripts
Download (untitled) / with headers
text/plain 3.3k
Hello, The following code fragment extracts a user's group id and verifies whether the user belongs to an authorized group to run the program. ----------------------------------------------------------- ($UserName) = getpwuid($<); ($GroupString) = $(; @Array_Of_GroupIDs = split (/ /, $GroupString); $Counter = 0; $Is_Authorized = 0; while ($Array_Of_GroupIDs[$Counter] ne "") { if ($Array_Of_GroupIDs[$Counter] eq "55") { $Is_Authorized = 1; } $Counter++; } if ($Is_Authorized == 0) { print ("You are not authorized to run this program.\n"); print ("This incident will be reported!\n"); } ----------------------------------------------------------- Now when I compile the above (using "perlcc"), i get the following: ----------------------------------------------------------- % perlcc usergroup.p -------------------------------------------------------------------------------- Compiling usergroup.p: -------------------------------------------------------------------------------- Making C(usergroup.p.c) for usergroup.p! /usr/bin/perl -I/opt/local/lib/perl5/5.00502/sun4-solaris-thread -I/opt/local/lib/perl5/5.00502 -I/opt/local/lib/perl5/site_perl/5.005/sun4-solaris-thread -I/opt/local/lib/perl5/site_perl/5.005 -I. -MO=CC,-ousergroup.p.c usergroup.p usergroup.p syntax OK Compiling C(usergroup) for usergroup.p! /usr/bin/perl -I/opt/local/lib/perl5/5.00502/sun4-solaris-thread -I/opt/local/lib/perl5/5.00502 -I/opt/local/lib/perl5/site_perl/5.005/sun4-solaris-thread -I/opt/local/lib/perl5/site_perl/5.005 -I. /tmp/usergroup.p.tst cc -D_REENTRANT -I/opt/local/include -I/opt/gnu/include -O -I/opt/local/lib/perl5/5.00502/sun4-solaris-thread/CORE /opt/local/lib/perl5/5.00502/sun4-solaris-thread/auto/Fcntl/Fcntl.so -o usergroup usergroup.p.c -L/opt/local/lib -L/opt/gnu/lib -L/opt/local/lib/perl5/5.00502/sun4-solaris-thread/CORE -lperl -lsocket -lnsl -ldl -lm -lposix4 -lpthread -lc -lcrypt % ----------------------------------------------------------- The compilation seems to have gone fine. However, when I "chown" the binary to "root", then "chmod" it to "4755" (or -rwsr-xr-x), and try to run it I get the following: ----------------------------------------------------------- % uname -rs SunOS 5.6 % id uid=1519(obeidm) gid=55(controls) % ls -ls ./usergroup 1632 -rwsr-xr-x 1 root controls 837616 Sep 30 14:46 ./usergroup % file ./usergroup ./usergroup: ELF 32-bit MSB executable SPARC Version 1, dynamically linked, not stripped % ./usergroup No -e allowed in setuid scripts. ----------------------------------------------------------- But then, I get the following when I run the set-user-id script: ----------------------------------------------------------- % ls -ls ./usergroup.p 2 -rwsr-xr-x 1 root controls 495 Oct 1 15:18 ./usergroup.p % file ./usergroup.p ./usergroup.p: set-uid executable /opt/local/bin/perl script % ./usergroup.p You are not authorized to run this program. This incident will be reported! ----------------------------------------------------------- which is what it is supposed to be with the binary. How come I get the above error message ("No -e allowed in setuid scripts") when I run the set-user-id binary, while the set-user-id script runs fine? I thought that might be a bug that should be reported to you. Oh, I'm running version version 5.005_02. Thanks! -Mustapha


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

For issues related to this RT instance (aka "perlbug"), please contact perlbug-admin at perl.org