This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

setuid dbupdate

Next message (by thread): setuid dbupdate

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Gabor Kiss kissg at sztaki.hu
Fri Dec 6 18:04:24 CET 1996

Dear Ambrose,

The ripe-dbase-2.0.4/README file writes:

- perl has some build in checks for suid perl scripts. These are all
  taken care of, so dbupdate should not complain about not being able to
  do things because it is running suid or sgid. Have a look in the code
  for dbupdate to see what silly things one has to do to get around these
  checks ...


kissg writes:

This is not enough. ;-)

   Under Solaris 2.5, and with ...

   This is perl, version 5.003 with EMBED
	built under solaris at Sep 17 1996 16:40:19
	+ suidperl security patch

I get:

"Insecure dependency in open while running with -T switch at /usr/local/whois/lib/addkey.pl line 52."

52:       if (open(OVERFLOWADD, ">>".$db[1].$OVERFLOWEXTENSION.$value)) {

I tried at least six different tricks to avoid this message. No success.
(Hardcoded direct setuid C wrapper is not included in the six.)

Any suggestion?

Gabor

Next message (by thread): setuid dbupdate

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ db-wg Archives ]