Re^3: Insecure dependency in open

In your OP you wrote

I'm running a program that's sgid, and it has a command-line interpreter from which I can execute unix commands.

Maybe you should set $UID = $EUID in that program?

--shmem

_($_=" "x(1<<5)."?\n".q·/)Oo.  G°\        /
                              /\_¯/(q    /
----------------------------  \__(m.====·.(_("always off the crowd"))."·
");sub _{s./.($e="'Itrs `mnsgdq Gdbj O`qkdq")=~y/"-y/#-z/;$e.e && print}

Comment on Re^3: Insecure dependency in open Download Code

Replies are listed 'Best First'.
Re^4: Insecure dependency in open by argv (Pilgrim) on Jan 21, 2007 at 22:11 UTC
Maybe you should set $UID = $EUID in that program? I don't have control over that program. (and it's besides the point; the question is a perl-related question, and should be answered assuming the user has no control over that program.) Dan Heller http://www.danheller.com	[reply]
Re^5: Insecure dependency in open by betterworld (Curate) on Jan 21, 2007 at 22:35 UTC
I think perl does in fact switch to taintedness if the program starts with different uid and euid. So if you cannot set the uid from the other program, maybe you would want to do something like this: `if ($UID != $EUID) { $UID=$EUID; exec($0, @ARGV); die $!; }` [download]	[reply] [d/l]