SPUG: This /bin/ps is not secure for setuid operation
Kim Goldov
goldov at sounddomain.com
Thu Jul 20 13:15:57 CDT 2000
I've written a setuid script that runs as root and needs to look at the
output of the ps command....
$ENV{PATH} = "/sbin:/usr/sbin:/bin:/usr/bin:/usr/X12R6/bin" ;
$ENV{BASH_ENV} = "" ;
$ENV{ENV} = "" ;
open (PS, "/bin/ps -ef|") || die "ouch" ;
my @ps = <PS> ;
It is failing with the following warning:
This /bin/ps is not secure for setuid operation.
If I do /bin/ls instead of /bin/ps there is no warning.
I could fork off a child and run the /bin/ps under the real uid, however I
don't see why I should have to do this. I'm not even trying to use any
tainted data. Why should /bin/ps be a problem and not /bin/ls?
________________________
Kim Goldov
SoundDomain, Inc.
425-820-2244 x24 | fax: 425-820-5951
http://www.sounddomain.com
goldov at sounddomain.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
POST TO: spug-list at pm.org PROBLEMS: owner-spug-list at pm.org
Subscriptions; Email to majordomo at pm.org: ACTION LIST EMAIL
Replace ACTION by subscribe or unsubscribe, EMAIL by your Email-address
For full traffic, use spug-list for LIST ; otherwise use spug-list-digest
Seattle Perl Users Group (SPUG) Home Page: http://www.halcyon.com/spug/
More information about the spug-list
mailing list