develooper Front page | perl.perl5.porters | Postings from October 2003

Re: [perl #24122] setreuid and friends borked on darwin/osx

Thread Previous | Thread Next
Slaven Rezic
October 6, 2003 15:51
Re: [perl #24122] setreuid and friends borked on darwin/osx
Message ID:
" (via RT)" <> writes:

> # New Ticket Created by 
> # Please include the string:  [perl #24122]
> # in the subject line of all future correspondence about this issue. 
> # <URL: >
> This is a bug report for perl from,
> generated with the help of perlbug 1.34 running under perl v5.8.1.
> -----------------------------------------------------------------
> [Please enter your report here]
> The library calls setruid, setrgid, setreuid, and setregid on
> darwin (MacOS X) are severely broken, causing any attempt to
> change $< or $( to fail silently.
> This will cause problems in scripts that use those variables to
> drop privileges.  Either they'll die unpleasantly (if they properly
> check $< afterwards) or they might gain a security vulnerability.
> Scripts that use POSIX::setuid will be unaffected ofcourse.
> The only solution I can think of is to make the configure script
> pretend those four calls don't exist on darwin.  Properly testing
> whether they work would require root perms.

Or better, just add


to darwin's hints file (just like the lines in hints/ for
older FreeBSD releases).



Slaven Rezic -

    tkrevdiff - graphical display of diffs between revisions (RCS, CVS or SVN)

Thread Previous | Thread Next Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About