sperl, oraz openwebmail
Radoslaw Zielinski
radek at karnet.pl
Mon Nov 1 11:38:09 CET 2004
Michał Łukaszek <prism at hornet.eu.org> [01-11-2004 00:07]:
[...]
> Czy link suidperl nie powinien przypadkiem wskazywać na sperl5.8.5 ?
> IMO tak, ale nawet po zmianie powyższego przy próbie dotknięcia
Twoja O jest błędna. perl584delta:
=head2 suidperl less insecure
Paul Szabo has analysed and patched C<suidperl> to remove existing known
insecurities. Currently there are no known holes in C<suidperl>, but
previous experience shows that we cannot be confident that these were the
last. You may no longer invoke the set uid perl directly, so to preserve
backwards compatibility with scripts that invoke #!/usr/bin/suidperl
the only set uid binary is now C<sperl5.8.>I<n> (C<sperl5.8.4> for
this release). C<suidperl> is installed as a hard link to C<perl>;
both C<suidperl> and C<perl> will invoke C<sperl5.8.4> automatically
the set uid binary, so this change should be completely transparent.
For new projects the core perl team would strongly recommend that you use
dedicated, single purpose security tools such as C<sudo> in preference
to C<suidperl>.
Sugestia na przyszłość: przed wyrobieniem sobie opinii odrób zadanie
domowe. :->
--
Radosław Zieliński <radek at karnet.pl>
[ GPG key: http://radek.karnet.pl/ ]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: </mailman/pipermail/pld-devel-pl/attachments/20041101/d1e44031/attachment.sig>
More information about the pld-devel-pl
mailing list