I have reversed the order of $EUID and $EGID in the two list context assignments at the begin and the end of the script for testing. [...] Perhaps Perl tries to be overly smart
Yes, this is what happens in the special-cased handling of list assignment at pp_hot.c:S_aassign_uid that I mentioned earlier: assignments to any of the four variables are deferred until the reset of the list assignment is complete, then they are explicitly assigned ($UID and $EUID) first, ($GID and $EGID) next. This is the aspect that one could most plausibly argue is buggy.
The bit that troubles me is that it is presumably not safe to assume that every such list assignment is aimed at dropping privileges; and in a world with ACLs, it maybe also be tricky to determine whether that's the intent. (The gist you link to, on the other hand, is specifically aimed at dropping privileges. In that context, "must setgid() before setuid()" makes perfect sense.)
... suid_wrapper ...
Thanks, I'll take a look at that: I've hand-crafted such suid wrappers in the past, but not in the last decade or two. If I get that far before you do, I'll write up an issue around this.
In reply to Re^4: Not understanding the code to drop privileges in perlsec
by hv
in thread Not understanding the code to drop privileges in perlsec
by Nocturnus
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |