SPUG: This /bin/ps is not secure for setuid operation
Alan E. Derhaag
aderhaa at n2h2.com
Thu Jul 20 16:25:57 CDT 2000
Characteristically, I usually add the following when running under
taint mode:
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};
rather than the
> $ENV{BASH_ENV} = "" ;
> $ENV{ENV} = "" ;
you included. My machine complains about IFS being insecure!
Barry Sharp <bxs at sdc.cs.boeing.com> writes:
> Hi Kim,
>
> I ran following script on a Cray T916 running UNICOS 10.0.0.7 under
> normal user and root accounts with a script permission set to 4755
> and had no problem :-))
>
> Incidentally, I did see in our perl man pages the following
> statement
>
> "Setuid scripts have additional constraints that can produce error
> messages such as "Insecure dependency". See the perlsec manpage.
>
> .
> .
> .
>
> NOTES
> The Perl motto is "There's more than one way to do it." Divining how
> many more is left as an exercise to the reader."
>
>
> ---------
> #!/local/bin/perl -T
>
> $ENV{PATH} = "/sbin:/usr/sbin:/bin:/usr/bin:/usr/bin/X11" ;
> $ENV{BASH_ENV} = "" ;
> $ENV{ENV} = "" ;
>
> open (PS, "/bin/ps -ef|") || die "ouch" ;
> my @ps = <PS> ;
>
> print $ps[0], "\n";
> print $ps[1], "\n";
> print $ps[2], "\n";
> ----------
>
> A perl -V on the Cray T916 produced the following, if this helps any.
> (I've asterisked the S/N out)
>
> ----------
> Summary of my perl5 (5.0 patchlevel 4 subversion 4) configuration:
> Platform:
> osname=unicos, osvers=10.0.0.2, archname=CRAY_TS-unicos
> uname='sn**** triton 10.0.0.2 tec.15 cray ts '
> hint=recommended, useposix=true, d_sigaction=define
> bincompat3=y useperlio=undef d_sfio=undef
> Compiler:
> cc='cc', optimize='-O1', gccversion=
> cppflags=''
> ccflags =''
> stdchar='unsigned char', d_stdstdio=define, usevfork=false
> voidflags=15, castflags=0, d_casti32=define, d_castneg=define
> intsize=8, alignbytes=8, usemymalloc=n, prototype=define
> Linker and Libraries:
> ld='ld', ldflags =''
> libpth=/lib /usr/lib
> libs=-lnsl -lmalloc -lc -lcrypt
> libc=/lib/libc.a, so=none
> useshrplib=false, libperl=libperl.a
> Dynamic Linking:
> dlsrc=dl_none.xs, dlext=none, d_dlsymun=undef, ccdlflags=''
> cccdlflags='', lddlflags=''
>
>
> Characteristics of this binary (from libperl):
> Built under unicos
> Compiled at Sep 1 1998 10:32:50
> @INC:
> /local/lib/perl5/CRAY_TS-unicos/5.00404
> /local/lib/perl5
> /local/lib/perl5/site_perl/CRAY_TS-unicos
> /local/lib/perl5/site_perl
> .
> ------------
>
>
> Regards...
> Barry Sharp
> The Boeing Company - Share Service Group
> Engineering Operating Systems
> P.O. Box 3707 MC 7J-04
> Seattle, WA 98124-2207
> USA
>
> Tel: 425-865-6411 (USA)
> Fax: 425-865-2221 (USA)
> Email: barry.sharp at boeing.com (stable)
>
>
> > X-Authentication-Warning: happyfunball.pm.org: mjordomo set sender to
> owner-spug-list at pm.org using -f
> > From: "Kim Goldov" <goldov at sounddomain.com>
> > To: "Seattle Perl Users Group" <spug-list at pm.org>
> > Subject: SPUG: This /bin/ps is not secure for setuid operation
> > Date: Thu, 20 Jul 2000 11:15:57 -0700
> > X-Priority: 3 (Normal)
> > X-MSMail-Priority: Normal
> > X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700
> >
> > I've written a setuid script that runs as root and needs to look at the
> > output of the ps command....
> >
> > $ENV{PATH} = "/sbin:/usr/sbin:/bin:/usr/bin:/usr/X12R6/bin" ;
> > $ENV{BASH_ENV} = "" ;
> > $ENV{ENV} = "" ;
> >
> > open (PS, "/bin/ps -ef|") || die "ouch" ;
> > my @ps = <PS> ;
> >
> > It is failing with the following warning:
> >
> > This /bin/ps is not secure for setuid operation.
> >
> > If I do /bin/ls instead of /bin/ps there is no warning.
> >
> > I could fork off a child and run the /bin/ps under the real uid, however I
> > don't see why I should have to do this. I'm not even trying to use any
> > tainted data. Why should /bin/ps be a problem and not /bin/ls?
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Alan E. Derhaag N2H2, Creators of Bess and Searchopolis
phone: 206-336-2972 900 Fourth Avenue, Suite 3400
email: aderhaa at n2h2.com,aderhaag at wolfenet.com Seattle, WA 98164
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
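As an added example (not code from anyone in this thread), here is the perlsec-style %ENV cleanup Alan describes combined with the approach Kim mentions, running ps from a child that has first dropped back to the caller's real uid. It assumes Perl 5.8 or later on a POSIX system and is meant to be installed as a setuid script:

```perl
#!/usr/bin/perl -T
# Added example: perlsec-style %ENV cleanup plus a child that drops the
# setuid privileges before exec'ing ps (assumes Perl 5.8+ on a POSIX system).
use strict;
use warnings;
use POSIX ();

# Fixed PATH, and delete the variables Perl's taint checks flag as insecure
# (IFS, CDPATH, ENV, BASH_ENV) rather than setting them to "".
sub sanitize_env {
    $ENV{PATH} = '/sbin:/usr/sbin:/bin:/usr/bin';
    delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};
    return;
}

# Permanently drop to the caller's real uid/gid. For a setuid-root process
# POSIX::setuid() replaces the real, effective and saved uid together, so
# the child (and whatever it execs) cannot regain root.
sub drop_to_real_user {
    my $ruid = $<;
    my ($rgid) = split ' ', $(;           # "$(" is "rgid grp1 grp2 ..."
    POSIX::setgid($rgid) or die "setgid($rgid): $!\n";
    POSIX::setuid($ruid) or die "setuid($ruid): $!\n";
    my ($egid) = split ' ', $);
    die "privileges not dropped\n" unless $> == $ruid && $egid == $rgid;
    return;
}

# Fork, drop privileges in the child, then exec the command as a list
# (no shell involved). Returns the child's stdout as a list of lines.
sub run_as_real_user {
    my @cmd = @_;
    my $pid = open(my $fh, '-|');         # implicit fork, child stdout -> $fh
    defined $pid or die "fork: $!\n";
    if ($pid == 0) {
        eval {
            drop_to_real_user();
            exec { $cmd[0] } @cmd or die "exec $cmd[0]: $!\n";
        };
        warn $@;
        POSIX::_exit(1);                  # skip END blocks in the child
    }
    my @lines = <$fh>;
    close $fh or warn "$cmd[0] exited with status ", $? >> 8, "\n";
    return @lines;
}

sanitize_env();
my @ps = run_as_real_user('/bin/ps', '-ef');
print @ps[0 .. 2];
```

Because the child has already given up the effective uid, ps sees a process whose real and effective ids match, and the parent never hands root to it.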
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
POST TO: spug-list at pm.org PROBLEMS: owner-spug-list at pm.org
Subscriptions; Email to majordomo at pm.org: ACTION LIST EMAIL
Replace ACTION by subscribe or unsubscribe, EMAIL by your Email-address
For full traffic, use spug-list for LIST ; otherwise use spug-list-digest
Seattle Perl Users Group (SPUG) Home Page: http://www.halcyon.com/spug/