SPUG: This /bin/ps is not secure for setuid operation

Barry Sharp bxs at sdc.cs.boeing.com
Thu Jul 20 16:11:59 CDT 2000


Hi Kim,

I ran the following script on a Cray T916 running UNICOS 10.0.0.7 under
normal user and root accounts with the script permission set to 4755
and had no problem :-))

Incidentally, I did see in our perl man pages the following
statement

"Setuid scripts have additional constraints that can produce error
 messages such as "Insecure dependency".  See the perlsec manpage.
 
 .
 .
 .
 
 NOTES
     The Perl motto is "There's more than one way to do it."  Divining how
     many more is left as an exercise to the reader."
     

---------
#!/local/bin/perl -T

$ENV{PATH} = "/sbin:/usr/sbin:/bin:/usr/bin:/usr/bin/X11" ;
$ENV{BASH_ENV} = "" ;
$ENV{ENV} = "" ;

open (PS, "/bin/ps -ef|") || die "ouch" ;
my @ps = <PS> ;

print $ps[0], "\n";
print $ps[1], "\n";
print $ps[2], "\n";
----------

A perl -V on the Cray T916 produced the following, if this helps any.
(I've asterisked the S/N out)

----------
Summary of my perl5 (5.0 patchlevel 4 subversion 4) configuration:
  Platform:
    osname=unicos, osvers=10.0.0.2, archname=CRAY_TS-unicos
    uname='sn**** triton 10.0.0.2 tec.15 cray ts '
    hint=recommended, useposix=true, d_sigaction=define
    bincompat3=y useperlio=undef d_sfio=undef
  Compiler:
    cc='cc', optimize='-O1', gccversion=
    cppflags=''
    ccflags =''
    stdchar='unsigned char', d_stdstdio=define, usevfork=false
    voidflags=15, castflags=0, d_casti32=define, d_castneg=define
    intsize=8, alignbytes=8, usemymalloc=n, prototype=define
  Linker and Libraries:
    ld='ld', ldflags =''
    libpth=/lib /usr/lib
    libs=-lnsl -lmalloc -lc -lcrypt
    libc=/lib/libc.a, so=none
    useshrplib=false, libperl=libperl.a
  Dynamic Linking:
    dlsrc=dl_none.xs, dlext=none, d_dlsymun=undef, ccdlflags=''
    cccdlflags='', lddlflags=''


Characteristics of this binary (from libperl): 
  Built under unicos
  Compiled at Sep  1 1998 10:32:50
  @INC:
    /local/lib/perl5/CRAY_TS-unicos/5.00404
    /local/lib/perl5
    /local/lib/perl5/site_perl/CRAY_TS-unicos
    /local/lib/perl5/site_perl
    .
------------


Regards...
Barry Sharp
The Boeing Company - Share Service Group
Engineering Operating Systems
P.O. Box 3707 MC 7J-04
Seattle, WA 98124-2207
USA

Tel:   425-865-6411 (USA)
Fax:   425-865-2221 (USA)
Email: barry.sharp at boeing.com (stable)


> From: "Kim Goldov" <goldov at sounddomain.com>
> To: "Seattle Perl Users Group" <spug-list at pm.org>
> Subject: SPUG: This /bin/ps is not secure for setuid operation
> Date: Thu, 20 Jul 2000 11:15:57 -0700
> 
> I've written a setuid script that runs as root and needs to look at the
> output of the ps command....
> 
> $ENV{PATH} = "/sbin:/usr/sbin:/bin:/usr/bin:/usr/X12R6/bin" ;
> $ENV{BASH_ENV} = "" ;
> $ENV{ENV} = "" ;
> 
> open (PS, "/bin/ps -ef|") || die "ouch" ;
> my @ps = <PS> ;
> 
> It is failing with the following warning:
> 
> This /bin/ps is not secure for setuid operation.
> 
> If I do /bin/ls instead of /bin/ps there is no warning.
> 
> I could fork off a child and run the /bin/ps under the real uid, however I
> don't see why I should have to do this. I'm not even trying to use any
> tainted data. Why should /bin/ps be a problem and not /bin/ls?
> 
> ________________________
> Kim Goldov
> SoundDomain, Inc.
> 425-820-2244 x24 | fax: 425-820-5951
> http://www.sounddomain.com
> goldov at sounddomain.com
> 
> 
>  - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>      POST TO: spug-list at pm.org       PROBLEMS: owner-spug-list at pm.org
>       Subscriptions; Email to majordomo at pm.org:  ACTION  LIST  EMAIL
>   Replace ACTION by subscribe or unsubscribe, EMAIL by your Email-address
>  For full traffic, use spug-list for LIST ; otherwise use spug-list-digest
>   Seattle Perl Users Group (SPUG) Home Page: http://www.halcyon.com/spug/
> 
> 
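The alternative raised in the quoted message, forking a child and running /bin/ps under the real uid, written out as an added example that is not code from either poster. The sub name ps_as_real_user and the PATH value are assumptions, and it expects a POSIX system with the script installed setuid root (mode 4755).

```perl
#!/usr/bin/perl -T
# Added example, not code from the thread. Assumes a POSIX system with
# /bin/ps and a script installed setuid root (mode 4755) as in the question.
use strict;
use warnings;
use POSIX ();

# Taint mode needs a fixed PATH; perlsec also suggests deleting the
# variables that influence a shell rather than setting them to "".
$ENV{PATH} = '/bin:/usr/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# Run "/bin/ps -ef" in a child whose real and effective uid are the
# invoking user's, and return its output lines to the privileged parent.
sub ps_as_real_user {
    my $pid = open(my $ps, '-|');      # forking open: child's STDOUT feeds $ps
    die "cannot fork: $!\n" unless defined $pid;

    if ($pid == 0) {
        my $ruid   = $<;
        my ($rgid) = split ' ', $(;    # $( lists the gid, then supplementary groups
        # Group before user: once the uid is dropped the process may no
        # longer be allowed to change its gid.
        my $ok = defined(POSIX::setgid($rgid))
              && defined(POSIX::setuid($ruid))
              && $> == $ruid && $< == $ruid;
        if ($ok) {
            # List form with an explicit program path: no shell is involved.
            exec { '/bin/ps' } 'ps', '-ef';
        }
        print STDERR "child: could not drop privileges or exec ps: $!\n";
        POSIX::_exit(127);             # leave without running the parent's END blocks
    }

    my @lines = <$ps>;
    close($ps) or die "ps failed, wait status $?\n";
    return @lines;
}

my @ps   = ps_as_real_user();
my $last = $#ps < 2 ? $#ps : 2;
print @ps[0 .. $last];                 # header line plus the first two processes
```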
