*BSD News Article 43240


Return to BSD News archive

Xref: sserve comp.lang.perl:38833 comp.unix.bsd.bsdi.misc:16 comp.unix.aux:17515
Path: sserve!newshost.anu.edu.au!harbinger.cc.monash.edu.au!msunews!uwm.edu!math.ohio-state.edu!howland.reston.ans.net!news.sprintlink.net!psgrain!nntp.ski.mskcc.org!netnews.lightside.com!user35.lightside.com!user
From: fred@lightside.com (Fred Condo)
Newsgroups: comp.lang.perl,comp.unix.bsd.bsdi.misc,comp.unix.aux
Subject: Perl 4.036 SUID scripts & BSDI
Followup-To: comp.lang.perl
Date: Tue, 07 Mar 1995 01:50:32 -0800
Organization: Lightside, Inc. - Internet Provider
Lines: 38
Message-ID: <fred-0703950150320001@user35.lightside.com>
NNTP-Posting-Host: user35.lightside.com
Mime-Version: 1.0
Content-Type: text/plain;charset=US-ASCII
Content-Transfer-Encoding: 7bit

I hope someone can help a poor A/UX (SysVR2) guy who's suddenly been
thrust into the world of BSDI.

I have some perl (4.036) scripts that run SUID. These run very nicely on
my A/UX system, but refuse to run under BSDI. Neither the perl binary that
BSDI provided nor a newly compiled perl runs SUID scripts.

Consider this simple script:
#!/usr/bin/perl
print "Real UID: $<; Effective UID: $>\n";

It has these permissions:
-rwsr-xr-x  1 fredc  user  59 Mar  6 23:55 foo

When executed under BSDI, this is output when the owner executes it:
Real UID: 108; Effective UID: 108

and this is output when a non-owner executes it:
Real UID: 106; Effective UID: 106

When executed with identical permissions under A/UX, this is output when
the owner executes it:
Real UID: 1000; Effective UID: 1000

and this is output when a non-owner executes it:
Real UID: 1074; Effective UID: 1000

When I compiled perl myself for BSDI, it got even worse, as this message
was output when anyone executes this same script:
Can't swap uid and euid.

What is wrong? If BSDI cannot run SUID perl scripts, it will be a major
disaster. Thanks for any light that can be shed on this topic. I checked
the FAQ to no avail.
-- 
Fred Condo + fred@lightside.com + http://www.lightside.com/~fred/
Lightside, Inc. + Internet access + http://www.lightside.com/
PGP public key: finger fred@lightside.com