Setuid/gid script is writable by world

If you do "ls -l path/name_of_your_script", you will probably see something like this at the beginning of the line of output from "ls":

rwxrwxrwx ...
The error message is telling you that the ability to modify or rewrite the content of your script is available to everyone who has a login account on your particular host (or network, if the "path/" to your script happens to be on a network-accessible disk volume).

That's a major no-no for any process that involves setuid. Use "chmod" to limit write access to owner-only (not group and not other).

While you're at it, you should limit write permission on the directory that contains the script file in question -- even when the file itself is "rwxr-xr-x", having group and/or other write permission on the directory it's in allows anyone to delete or rename the file, and thereafter, put in some other file with the same name. (I don't know whether taint checking complains about permissions on the directory -- in any case, you should be concerned about that.)


In reply to Re: Need help getting rid of taint by graff
in thread Need help getting rid of taint by whollycow
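
Added example, not part of the original post: a POSIX shell check for the two conditions described above, group/other write permission on the script itself and on the directory that contains it, plus the "chmod" fix. The function names (loose_write, audit_setuid_script, fix_setuid_script) are made up for this illustration.

```shell
#!/bin/sh
# Added example: function names are hypothetical, not from any tool.

# loose_write PATH
# Prints "group", "other" or "group other" when those classes have write
# permission on PATH; prints nothing when only the owner may write.
loose_write() {
    [ -e "$1" ] || return 2
    # First 10 characters of "ls -ld" output: type + rwx for owner/group/other
    mode=$(ls -ld -- "$1" | cut -c1-10)
    out=""
    if [ "$(printf '%s' "$mode" | cut -c6)" = "w" ]; then out="group"; fi
    if [ "$(printf '%s' "$mode" | cut -c9)" = "w" ]; then out="${out:+$out }other"; fi
    printf '%s' "$out"
}

# audit_setuid_script SCRIPT
# Checks the script and its containing directory.
# Returns 0 when both are owner-writable only, 1 when either is too open.
audit_setuid_script() {
    script=$1
    dir=$(dirname "$script")
    status=0
    for target in "$script" "$dir"; do
        who=$(loose_write "$target") || return 2
        if [ -n "$who" ]; then
            echo "writable by $who: $target"
            status=1
        fi
    done
    return $status
}

# fix_setuid_script SCRIPT
# Removes group and other write permission from the script and its directory.
fix_setuid_script() {
    chmod go-w "$1" "$(dirname "$1")"
}

# Stand-alone use: sh thisfile path/name_of_your_script
if [ $# -gt 0 ]; then
    audit_setuid_script "$1"
fi
```
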
