Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses
 
PerlMonks  

A question about suidperl

by Corion (Patriarch)
on Oct 10, 2000 at 12:56 UTC ( [id://36048]=perlquestion: print w/replies, xml ) Need Help??

Corion has asked for the wisdom of the Perl Monks concerning the following question:

Just yesterday, somebody told me about this online PDF book called Securing and Optimizing Linux, which is very Red Hat centric but contains "some interesting topics like kernel optimization and security hints" (as that person told me). While browsing my copy, I stumbled over the suid and sgid security procedure, where they have a list of programs that have the suid flag set and which could/should be removed from a secure server.

What really astonished me was, that they left suidperl and a hardlink to it, sperl5.005_3 on the system, which somewhat defeats the whole purpose of removing suid programs at all.

So now my main question is, why have suidperl at all ? Which standard scripts and other stuff depend on it ?

Replies are listed 'Best First'.
(dchetlin: Do not.) Re: A question about suidperl
by dchetlin (Friar) on Oct 10, 2000 at 13:29 UTC
    No reason that I know of. There should definitely be no scripts that depend on it. Keep away. Bad suidperl. No biscuit.

    Although this book was put together before the major security vulnerability, it's still disappointing that they wouldn't have taken suidperl off -- intelligent people avoided it long before that last, most heinous straw.

    -dlc

RE: A question about suidperl
by Anonymous Monk on Oct 10, 2000 at 22:21 UTC
    Sorry- what is suidperl?
      Try checking perlsec, I believe there's information on it there (IIRC).

      - Zoogie

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://36048]
Approved by root
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others having a coffee break in the Monastery: (5)
As of 2024-03-28 23:36 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found