Why Perl do But Python can't?
Clarence Gardner
clarence at netlojix.com
Mon Jan 31 14:10:14 EST 2000
> > This is not true, and is a myth people need to get over. The danger
> > Kelly referred to exists on some Unix-like systems and not on others.
> > On a system where they are safe, there is no reason whatsoever to use
> > a setuid wrapper.
>
> Just out of interest, what is the reason why this in unsafe. I couldn't
> see the difference between a script and a binary.
It has to do with how the text of the script is provided to the
interpreter (Perl, Python, etc). The danger comes in if the operating
system, having started the interpreter and changed the processes
credentials according to the setxid bits, then passes it the name of the
script file to run -- that file may have been changed to a different one
by the time the interpreter opens it.
Safe systems (generally SystemV descendants, like Solaris and Irix, but
not Linux), do not pass the name of the actual script file to the
interpreter. The operating system opens the script file in the context
of the process, then passes it a filename from the file descriptor
filesystem that refers to it (e.g., /dev/fd/6), which cannot have been
tampered with.
More information about the Python-list
mailing list