Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

provide a better c wrapper example in perlsec #10289

Closed
p5pRT opened this issue Apr 8, 2010 · 9 comments
Closed

provide a better c wrapper example in perlsec #10289

p5pRT opened this issue Apr 8, 2010 · 9 comments

Comments

@p5pRT
Copy link
Collaborator

@p5pRT p5pRT commented Apr 8, 2010

Migrated from rt.perl.org#74142 (status was 'resolved')

Searchable as RT74142$

@p5pRT
Copy link
Collaborator Author

@p5pRT p5pRT commented Apr 8, 2010

From @jquelin

Created by @jquelin

perl 5.12 doesn't ship perlsuid anymore. it's said so in perlsec, with a
small piece of a c code to use as a wrapper calling the real perl
script, the goal being to setuid the wrapper instead.

however, the wrapper could be better, such as sanitizing env, or
whatever any security-aware people will recommend.

==> in order to have a smooth transition, it would be good to provide a
more secure wrapper to be used easily.

Perl Info

Flags:
    category=docs
    severity=low

Site configuration information for perl 5.12.0:

Configured by Mandriva at Thu Apr  8 16:20:55 CEST 2010.

Summary of my perl5 (revision 5 version 12 subversion 0) configuration:
   
  Platform:
    osname=linux, osvers=2.6.33.1-desktop-1mnb, archname=x86_64-linux-thread-multi
    uname='linux localhost 2.6.33.1-desktop-1mnb #1 smp tue mar 16 18:22:58 utc 2010 x86_64 x86_64 x86_64 gnulinux '
    config_args='-des -Dinc_version_list=5.10.1 5.10.0 5.8.8 5.8.7 5.8.6 5.8.5 5.8.4 5.8.3 5.8.2 5.8.1 5.8.0 5.6.1 5.6.0 -Darchname=x86_64-linux -Dcc=x86_64-mandriva-linux-gnu-gcc -Doptimize=-O2 -g -pipe -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fstack-protector --param=ssp-buffer-size=4 -DDEBUGGING=-g -Dprefix=/usr -Dvendorprefix=/usr -Dsiteprefix=/usr -Dsitebin=/usr/local/bin -Dsiteman1dir=/usr/local/share/man/man1 -Dsiteman3dir=/usr/local/share/man/man3 -Dman3ext=3pm -Dcf_by=Mandriva -Dmyhostname=localhost -Dperladmin=root@localhost -Dcf_email=root@localhost -Ud_csh -Duseshrplib -Duseithreads -Di_db -Di_ndbm -Di_gdbm'
    hint=recommended, useposix=true, d_sigaction=define
    useithreads=define, usemultiplicity=define
    useperlio=define, d_sfio=undef, uselargefiles=define, usesocks=undef
    use64bitint=define, use64bitall=define, uselongdouble=undef
    usemymalloc=n, bincompat5005=undef
  Compiler:
    cc='x86_64-mandriva-linux-gnu-gcc', ccflags ='-D_REENTRANT -D_GNU_SOURCE -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64',
    optimize='-O2 -g -pipe -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fstack-protector --param=ssp-buffer-size=4',
    cppflags='-D_REENTRANT -D_GNU_SOURCE -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include'
    ccversion='', gccversion='4.4.3', gccosandvers=''
    intsize=4, longsize=8, ptrsize=8, doublesize=8, byteorder=12345678
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16
    ivtype='long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8
    alignbytes=8, prototype=define
  Linker and Libraries:
    ld='x86_64-mandriva-linux-gnu-gcc', ldflags =' -fstack-protector -L/usr/local/lib64'
    libpth=/usr/local/lib64 /lib64 /usr/lib64
    libs=-lnsl -lgdbm -ldb -ldl -lm -lcrypt -lutil -lpthread -lc -lgdbm_compat
    perllibs=-lnsl -ldl -lm -lcrypt -lutil -lpthread -lc
    libc=/lib/libc-2.11.1.so, so=so, useshrplib=true, libperl=libperl.so
    gnulibc_version='2.11.1'
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-Wl,-E -Wl,-rpath,/usr/lib/perl5/5.12.0/x86_64-linux-thread-multi/CORE'
    cccdlflags='-fPIC', lddlflags='-shared -O2 -g -pipe -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fstack-protector --param=ssp-buffer-size=4 -L/usr/local/lib64'

Locally applied patches:
    RC4
    Mandriva Linux patches


@INC for perl 5.12.0:
    /home/jquelin/rpm/cooker/perl/BUILD/perl-5.12.0-RC4/lib
    /usr/lib/perl5/site_perl/5.12.0/x86_64-linux-thread-multi
    /usr/lib/perl5/site_perl/5.12.0
    /usr/lib/perl5/vendor_perl/5.12.0/x86_64-linux-thread-multi
    /usr/lib/perl5/vendor_perl/5.12.0
    /usr/lib/perl5/5.12.0/x86_64-linux-thread-multi
    /usr/lib/perl5/5.12.0
    /usr/lib/perl5/site_perl/5.10.1
    /usr/lib/perl5/site_perl/5.10.0
    /usr/lib/perl5/site_perl
    /usr/lib/perl5/vendor_perl/5.10.1
    /usr/lib/perl5/vendor_perl/5.10.0
    /usr/lib/perl5/vendor_perl/5.8.8
    /usr/lib/perl5/vendor_perl
    .


Environment for perl 5.12.0:
    HOME=/home/jquelin
    LANG=fr_FR.UTF-8
    LANGUAGE=fr_FR.UTF-8:fr
    LC_ADDRESS=fr_FR.UTF-8
    LC_COLLATE=fr_FR.UTF-8
    LC_CTYPE=fr_FR.UTF-8
    LC_IDENTIFICATION=fr_FR.UTF-8
    LC_MEASUREMENT=fr_FR.UTF-8
    LC_MESSAGES=fr_FR.UTF-8
    LC_MONETARY=fr_FR.UTF-8
    LC_NAME=fr_FR.UTF-8
    LC_NUMERIC=fr_FR.UTF-8
    LC_PAPER=fr_FR.UTF-8
    LC_SOURCED=1
    LC_TELEPHONE=fr_FR.UTF-8
    LC_TIME=fr_FR.UTF-8
    LD_LIBRARY_PATH=.
    LOGDIR (unset)
    PATH=.:/home/jquelin/bin:/home/jquelin/bin:/home/jquelin/bin:/home/jquelin/bin:/usr/bin:/bin:/usr/local/bin:/usr/X11R6/bin/:/usr/games:/usr/lib/qt4/bin:/sbin:/usr/sbin:/usr/games:/sbin:/usr/sbin:/usr/games:/sbin:/usr/sbin:/usr/games:/sbin:/usr/sbin:/usr/games
    PERL5LIB=/home/jquelin/rpm/cooker/perl/BUILD/perl-5.12.0-RC4/lib
    PERL_BADLANG (unset)
    SHELL=/bin/bash

@p5pRT
Copy link
Collaborator Author

@p5pRT p5pRT commented Apr 8, 2010

From @iabyn

Hmm, that wrapper example has been there since about 1996, and still uses
K&R arg conventions! Definitely a good idea to improve it now, though.

@p5pRT
Copy link
Collaborator Author

@p5pRT p5pRT commented Apr 8, 2010

The RT System itself - Status changed from 'new' to 'open'

@p5pRT
Copy link
Collaborator Author

@p5pRT p5pRT commented Apr 9, 2010

From zefram@fysh.org

Jerome Quelin wrote​:

however, the wrapper could be better,

I think we should be promoting the use of sudo, before suggesting a
custom wrapper.

-zefram

@p5pRT
Copy link
Collaborator Author

@p5pRT p5pRT commented Apr 9, 2010

From @obra

On Fri, Apr 09, 2010 at 12​:24​:35PM +0100, Zefram wrote​:

Jerome Quelin wrote​:

however, the wrapper could be better,

I think we should be promoting the use of sudo, before suggesting a
custom wrapper.

+1

-zefram

--

@p5pRT
Copy link
Collaborator Author

@p5pRT p5pRT commented Dec 11, 2017

From zefram@fysh.org

The C wrapper code is actually fine as it is​: its purpose is to
avoid the shebang race condition, not to sanitise other aspects of
the environment. Much of perlsec is about how Perl is actually OK to
run set-id. However, the documentation about the race condition and
the wrapper was poor. I've revised it, and added a section about sudo,
in commit b5145c7.

-zefram

@p5pRT
Copy link
Collaborator Author

@p5pRT p5pRT commented Dec 11, 2017

@cpansprout - Status changed from 'open' to 'pending release'

@p5pRT
Copy link
Collaborator Author

@p5pRT p5pRT commented Jun 23, 2018

From @khwilliamson

Thank you for filing this report. You have helped make Perl better.

With the release yesterday of Perl 5.28.0, this and 185 other issues have been
resolved.

Perl 5.28.0 may be downloaded via​:
https://metacpan.org/release/XSAWYERX/perl-5.28.0

If you find that the problem persists, feel free to reopen this ticket.

@p5pRT p5pRT closed this Jun 23, 2018
@p5pRT
Copy link
Collaborator Author

@p5pRT p5pRT commented Jun 23, 2018

@khwilliamson - Status changed from 'pending release' to 'resolved'

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
1 participant
You can’t perform that action at this time.