develooper Front page | perl.perl5.porters | Postings from April 2003

Re: perldoc -U doesn't run in insecure mode

Thread Previous | Thread Next
From:
Sean M. Burke
Date:
April 29, 2003 00:42
Subject:
Re: perldoc -U doesn't run in insecure mode
Message ID:
5.1.0.14.1.20030428233038.01d54970@mailstore.pobox.com
Tom McLane wrote:
>I'm trying to figure out why this is broken in AIX 5.2 (Perl 5.8.0).  As 
>of  right now, I can't run perldoc -U as root... I get the same error message:
>
># whoami
>root
># perldoc -U Carp
>Superuser must not run /usr/bin/perldoc without security audit and taint 
>checks.
>
>I'm in charge of the Perl shipping with AIX, so I'm just looking  for some 
>hints as to what might be wrong. Before I dive into code I've never seen.

Currently, for reasons a bit obscure to me, perldoc (now living and 
thriving as Pod::Perldoc) when running as root tries to drop privileges, 
and dies (with that error message) if it can't.  It has been suggested that 
I take out the dying part -- so that perldoc tries to drop root privileges, 
and if it can't, no problem.
Does this sound reasonable?

Everybody speak now or forever hold your Reese's pieces.

--
Sean M. Burke    http://search.cpan.org/~sburke/


Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About