authorjoerg <joerg@FreeBSD.org>1997-03-01 12:58:49 +0000
committerjoerg <joerg@FreeBSD.org>1997-03-01 12:58:49 +0000
commitcef9419ed37ed62ad436ea203d067b475d1b8bae (patch)
tree75d27297a0928fc713c74ff30042530515b985dd /gnu
parent2e4d98572ad25b024633862d5ccc2742f22eda98 (diff)
Plug an old security hole: suidperl didn't honor MNT_NOSUID.
Strong 2.2 and 2.1.x candidate. Someone should review the patch first, however. The maintainer of the Perl5 port should probably introduce a similar patch there.
Diffstat (limited to 'gnu')
-rw-r--r--gnu/usr.bin/perl/perl/perl.c18
-rw-r--r--gnu/usr.bin/perl/perl/perl.h7
2 files changed, 23 insertions, 2 deletions
diff --git a/gnu/usr.bin/perl/perl/perl.c b/gnu/usr.bin/perl/perl/perl.c
index de956af..d41280b 100644
--- a/gnu/usr.bin/perl/perl/perl.c
+++ b/gnu/usr.bin/perl/perl/perl.c
@@ -1,4 +1,4 @@
-char rcsid[] = "$RCSfile: perl.c,v $$Revision: 1.5 $$Date: 1996/06/02 19:59:24 $\nPatch level: ###\n";
+char rcsid[] = "$RCSfile: perl.c,v $$Revision: 1.7 $$Date: 1996/06/30 09:47:56 $\nPatch level: ###\n";
/*
* Copyright (c) 1991, Larry Wall
*
@@ -6,6 +6,11 @@ char rcsid[] = "$RCSfile: perl.c,v $$Revision: 1.5 $$Date: 1996/06/02 19:59:24 $
* License or the Artistic License, as specified in the README file.
*
* $Log: perl.c,v $
+ * Revision 1.7 1996/06/30 09:47:56 joerg
+ * Back out Nate's changes from rev. 1.6; our Perl has not been
+ * vulnerable since it used setreuid() as opposed to Posix saved IDs.
+ * The change broke setuid scripts.
+ *
* Revision 1.5 1996/06/02 19:59:24 gpalmer
* Use setreuid instead of seteuid for permissions management
*
@@ -496,6 +501,17 @@ sed %s -e \"/^[^#]/b\" \
#ifdef DOSUID
if (fstat(fileno(rsfp),&statbuf) < 0) /* normal stat is insecure */
fatal("Can't stat script \"%s\"",origfilename);
+#ifdef IAMSUID
+ {
+ struct statfs stfs;
+
+ if (fstatfs(fileno(rsfp),&stfs) < 0)
+ fatal("Can't statfs filesystem of script \"%s\"",origfilename);
+
+ if (stfs.f_flags & MNT_NOSUID)
+ fatal("Permission denied");
+ }
+#endif /* IAMSUID */
if (statbuf.st_mode & (S_ISUID|S_ISGID)) {
int len;
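Review bot: The new MNT_NOSUID test sits ahead of the `statbuf.st_mode & (S_ISUID|S_ISGID)` check, so under IAMSUID it rejects every script on a nosuid mount, including ones with no set-id bits. If only set-id scripts are meant to be refused it belongs inside that `if`, and if the blanket refusal is deliberate a comment should say so. The block would also benefit from a one-line comment on why it queries the open descriptor, e.g. `/* fstatfs() on the open fd, like fstat() above: a path lookup could name a different file by now */`. `fatal("Permission denied")` names neither the script nor the reason, unlike the two neighbouring messages; `fatal("Permission denied: \"%s\" is on a nosuid filesystem", origfilename);` would make the refusal diagnosable. The enclosing function begins and ends outside this hunk.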
diff --git a/gnu/usr.bin/perl/perl/perl.h b/gnu/usr.bin/perl/perl/perl.h
index 7693aa0..af5873d 100644
--- a/gnu/usr.bin/perl/perl/perl.h
+++ b/gnu/usr.bin/perl/perl/perl.h
@@ -1,4 +1,4 @@
-/* $RCSfile: perl.h,v $$Revision: 1.1.1.1 $$Date: 1994/09/10 06:27:35 $
+/* $RCSfile: perl.h,v $$Revision: 1.2 $$Date: 1995/05/30 05:03:11 $
*
* Copyright (c) 1991, Larry Wall
*
@@ -6,6 +6,9 @@
* License or the Artistic License, as specified in the README file.
*
* $Log: perl.h,v $
+ * Revision 1.2 1995/05/30 05:03:11 rgrimes
+ * Remove trailing whitespace.
+ *
* Revision 1.1.1.1 1994/09/10 06:27:35 gclarkii
* Initial import of Perl 4.046 bmaked
*
@@ -251,6 +254,8 @@ typedef unsigned int MEM_SIZE;
#endif
#endif
+#include <sys/mount.h>
+
#ifdef I_TIME
# include <time.h>
#endif
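Review bot: The added `#include <sys/mount.h>` is unconditional and uncommented, while its only user visible in this commit is the IAMSUID block in perl.c. A trailing comment such as `#include <sys/mount.h> /* struct statfs, MNT_NOSUID: nosuid check in perl.c */` would keep it from being dropped as unused later. If nothing else in the tree needs these declarations, wrapping the include in `#ifdef IAMSUID` would confine them to the suidperl build; that depends on how IAMSUID is defined, which is not visible in this hunk.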