Why was suid support dropped in perl?

Discussion in 'Perl Misc' started by shrike@cyberspace.org, Oct 19, 2012.

  1. Guest

    ####
    From the INSTALL file of 5.16:
    suidperl was an optional component of earlier releases of perl. It is no
    longer available. Instead, use a tool specifically designed to handle
    changes in privileges, such as B<sudo>.
    ####

I imagine this has busted quite a few sysadmin tools across perl's install base. Why the change?
     
    , Oct 19, 2012
    #1

  2. "" <> writes:
    > ####
    > From the INSTALL file of 5.16:
    > suidperl was an optional component of earlier releases of perl. It is no
    > longer available. Instead, use a tool specifically designed to handle
    > changes in privileges, such as B<sudo>.
    > ####
    >
    > I imagine this has busted quite a few sysadmin tools across perl's
    > install base. Why the change?


    I do not know who came up with the idea to install the perl
    interpreter(!) as setuid-0 program because providing a functionally
    equivalent facility in C is so dead easy: Just compile the program
    below, install as 'setuid whatever you want to' and all other local
    users will be able to execute arbitrary code with the desired
    privilege level.

    #include <stdio.h>
    #include <unistd.h>

    /* Open wrapper: whatever uid the binary is installed setuid as becomes
     * the real uid, and argv[1] onward is executed with it, unchecked. */
    int main(int argc, char **argv)
    {
        if (argc < 2)
            return 1;                   /* nothing to execute */
        if (setuid(geteuid()) != 0)     /* make the effective uid the real one too */
            return 1;
        execvp(argv[1], argv + 1);      /* only returns if the exec failed */
        perror("execvp");
        return 1;
    }
     
    Rainer Weikusat, Oct 19, 2012
    #2

  3. Guest

    On Friday, October 19, 2012 5:48:03 PM UTC-4, Ben Morrow wrote:
    > Quoth "" <>:
    >
    > > ####
    > > From the INSTALL file of 5.16:
    > > suidperl was an optional component of earlier releases of perl. It is no
    > > longer available. Instead, use a tool specifically designed to handle
    > > changes in privileges, such as B<sudo>.
    > > ####
    > >
    > > I imagine this has busted quite a few sysadmin tools across perl's
    > > install base. Why the change?
    >
    > suidperl has had many security problems over the years, has not been
    > part of the default install for a long time, and has been explicitly
    > deprecated in INSTALL since at least 5.10.0. The design of suidperl
    > requires it to link all of the argument-parsing code of perl itself,
    > which is rather complicated and not something you want to link into a
    > vulnerable program if you can help it. In practice using sudo instead is
    > pretty-much never a problem.
    >
    > Ben


    It turns out I have run into such a problem: running a driver written in perl on a remote host via SSH. Either I turn off the tty requirement for sudo on the whole box, or I embed perl. I would much rather make a fifo, fork and seteuid() down to nobody to isolate privs.

    In terms of making a redistributable package, if I touch sudo then I have to support sudo, and if I use a cheap wrapper, it looks kludgy. To embed I have to code in C, and frankly my C leaves something to be desired. Python does support suid I think, but I'm not adding more interpreters to my box.

    Embedding perl is a pretty tall order just to get a monolithic redistributable out of the deal. Any other options?
     
    , Oct 20, 2012
    #3
  4. Guest

    On Tuesday, October 23, 2012 7:29:35 PM UTC-4, Andrew Gideon wrote:
    > On Sat, 20 Oct 2012 09:59:11 -0700, wrote:
    >
    > > It turns out I have run into such a problem: running a driver written in
    > > perl on a remote host via SSH.
    >
    > Why not permit SSH to root using a key pair with a command restriction?
    > Since the command runs as root, there's no su-ing required.
    >
    > This does have the risks associated with the program itself running as
    > root, but you'd have those anyway, right?
    >
    > - Andrew


    Because then I would have to support public key rhost based authentication for sshd, which is an even worse proposition than supporting sudo. If I touch _anything_ else, I own it. All I can reasonably expect to secure or support is _my_ code. This is the basic reality of software support.

    My concern is not whether _I_ can use it. My concern is whether somebody else can use it by following a short set of instructions. "chmod +s" works. sudo or rhost+sshd is a 3 hour support call. And I'm not going to tell somebody to turn on remote access for the root account for sshd, when I have no reasonable expectation that they understand the consequences of doing so.
     
    , Oct 29, 2012
    #4