SPUG: This /bin/ps is not secure for setuid operation
Barry Sharp
bxs at sdc.cs.boeing.com
Thu Jul 20 16:11:59 CDT 2000
Hi Kim,
I ran the following script on a Cray T916 running UNICOS 10.0.0.7 under
normal user and root accounts with the script permission set to 4755
and had no problem :-))
Incidentally, I did see in our perl man pages the following
statement
"Setuid scripts have additional constraints that can produce error
messages such as "Insecure dependency". See the perlsec manpage.
.
.
.
NOTES
The Perl motto is "There's more than one way to do it." Divining how
many more is left as an exercise to the reader."
---------
#!/local/bin/perl -T
$ENV{PATH} = "/sbin:/usr/sbin:/bin:/usr/bin:/usr/bin/X11" ;
$ENV{BASH_ENV} = "" ;
$ENV{ENV} = "" ;
open (PS, "/bin/ps -ef|") || die "ouch" ;
my @ps = <PS> ;
print $ps[0], "\n";
print $ps[1], "\n";
print $ps[2], "\n";
----------
A perl -V on the Cray T916 produced the following, if this helps any.
(I've asterisked the S/N out)
----------
Summary of my perl5 (5.0 patchlevel 4 subversion 4) configuration:
Platform:
osname=unicos, osvers=10.0.0.2, archname=CRAY_TS-unicos
uname='sn**** triton 10.0.0.2 tec.15 cray ts '
hint=recommended, useposix=true, d_sigaction=define
bincompat3=y useperlio=undef d_sfio=undef
Compiler:
cc='cc', optimize='-O1', gccversion=
cppflags=''
ccflags =''
stdchar='unsigned char', d_stdstdio=define, usevfork=false
voidflags=15, castflags=0, d_casti32=define, d_castneg=define
intsize=8, alignbytes=8, usemymalloc=n, prototype=define
Linker and Libraries:
ld='ld', ldflags =''
libpth=/lib /usr/lib
libs=-lnsl -lmalloc -lc -lcrypt
libc=/lib/libc.a, so=none
useshrplib=false, libperl=libperl.a
Dynamic Linking:
dlsrc=dl_none.xs, dlext=none, d_dlsymun=undef, ccdlflags=''
cccdlflags='', lddlflags=''
Characteristics of this binary (from libperl):
Built under unicos
Compiled at Sep 1 1998 10:32:50
@INC:
/local/lib/perl5/CRAY_TS-unicos/5.00404
/local/lib/perl5
/local/lib/perl5/site_perl/CRAY_TS-unicos
/local/lib/perl5/site_perl
.
------------
Regards...
Barry Sharp
The Boeing Company - Share Service Group
Engineering Operating Systems
P.O. Box 3707 MC 7J-04
Seattle, WA 98124-2207
USA
Tel: 425-865-6411 (USA)
Fax: 425-865-2221 (USA)
Email: barry.sharp at boeing.com (stable)
> From: "Kim Goldov" <goldov at sounddomain.com>
> To: "Seattle Perl Users Group" <spug-list at pm.org>
> Subject: SPUG: This /bin/ps is not secure for setuid operation
> Date: Thu, 20 Jul 2000 11:15:57 -0700
>
> I've written a setuid script that runs as root and needs to look at the
> output of the ps command....
>
> $ENV{PATH} = "/sbin:/usr/sbin:/bin:/usr/bin:/usr/X12R6/bin" ;
> $ENV{BASH_ENV} = "" ;
> $ENV{ENV} = "" ;
>
> open (PS, "/bin/ps -ef|") || die "ouch" ;
> my @ps = <PS> ;
>
> It is failing with the following warning:
>
> This /bin/ps is not secure for setuid operation.
>
> If I do /bin/ls instead of /bin/ps there is no warning.
>
> I could fork off a child and run the /bin/ps under the real uid, however I
> don't see why I should have to do this. I'm not even trying to use any
> tainted data. Why should /bin/ps be a problem and not /bin/ls?
>
> ________________________
> Kim Goldov
> SoundDomain, Inc.
> 425-820-2244 x24 | fax: 425-820-5951
> http://www.sounddomain.com
> goldov at sounddomain.com
>
>
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> POST TO: spug-list at pm.org PROBLEMS: owner-spug-list at pm.org
> Subscriptions; Email to majordomo at pm.org: ACTION LIST EMAIL
> Replace ACTION by subscribe or unsubscribe, EMAIL by your Email-address
> For full traffic, use spug-list for LIST ; otherwise use spug-list-digest
> Seattle Perl Users Group (SPUG) Home Page: http://www.halcyon.com/spug/
>
>
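Kim's message mentions forking a child and running /bin/ps under the real uid. That approach is shown here as an added example; it is not code from either poster. The perl path and the helper name run_as_real_user are assumptions.

```perl
#!/usr/bin/perl -T
use strict;
use warnings;
use POSIX ();

# Fixed environment, as in the posted scripts; perlsec also lists IFS and CDPATH.
$ENV{PATH} = "/sbin:/usr/sbin:/bin:/usr/bin";
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# Hypothetical helper: run @cmd in a child that has permanently given up the
# setuid identity, and return its output lines to the still-privileged parent.
sub run_as_real_user {
    my @cmd = @_;
    my ($ruid, $rgid) = (POSIX::getuid(), POSIX::getgid());

    my $pid = open(my $out, "-|");   # implicit fork; child's STDOUT is the pipe
    die "fork failed: $!\n" unless defined $pid;

    if ($pid == 0) {                 # child
        # Group first, then user: once the uid is dropped the process may
        # no longer be allowed to change its gid.
        POSIX::setgid($rgid) or POSIX::_exit(126);
        POSIX::setuid($ruid) or POSIX::_exit(126);
        # Confirm real and effective uid now match before running anything.
        POSIX::_exit(126)
            unless POSIX::getuid() == $ruid && POSIX::geteuid() == $ruid;
        exec { $cmd[0] } @cmd;       # list form: no shell is involved
        POSIX::_exit(127);           # only reached if exec failed
    }

    my @lines = <$out>;
    close($out) or die "$cmd[0] failed, wait status $?\n";
    return @lines;
}

my @ps = run_as_real_user("/bin/ps", "-ef");
# Everything read from the pipe is tainted under -T; validate it before it
# reaches a privileged operation (open for write, system, kill, ...).
print @ps[0 .. ($#ps < 2 ? $#ps : 2)];
```

Only the child loses privilege; the parent keeps its effective uid and receives the ps output through the pipe.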