[Eug-lug] Linux- Mac OS X file exchange: This sounds right
T. Joseph Carter
knghtbrd at bluecherry.net
Tue Aug 1 00:14:39 PDT 2006
On Mon, Jul 31, 2006 at 09:48:46PM -0700, Allen Brown wrote:
> It is tempting to also use nosuid, but there is a warning on
> the mount page.
> nosuid Do not allow set-user-identifier or set-group-identifier
> bits to take effect. (This seems safe, but is in fact
> rather unsafe if you have suidperl(1) installed.)
>
> What the heck is that? I don't seem to have it installed,
> but this makes me nervous because I wouldn't necessarily
> notice if it came in along with a bunch of other stuff
> in an apt-get.
suidperl is a thing that lets you run perl scripts setuid. Normally you
can't do that anymore than you can run a shell script that way. suidperl
is a workaround to make that possible. It's an evil thing, you don't want
it, ever. In fact, I suggest if you're concerned, edit your dpkg status
file and create a fake entry claiming to be suidperl with a version like
7:0.0.0 and no files associated with it or anything.
More information about the EUGLUG
mailing list