develooper Front page | perl.perl5.porters | Postings from October 2003

Re: [perl #24122] setreuid and friends borked on darwin/osx

Wilfredo Sánchez
October 12, 2003 13:03
   Can you describe the nature of the problem with these calls, and 
possibly provide a simple test?  I'll file a bug at Apple for you if I 
can get enough info to do so.

   This change seems like the right thing if they are broken, and I 
would recommend the same thing in rhapsody as well, as it's highly 
unlikely that API broken in darwin works in rhapsody.


> Slaven Rezic wrote:
>> " (via RT)" <> writes:
>>> The library calls setruid, setrgid, setreuid, and setregid on
>>> darwin (MacOS X) are severely broken, causing any attempt to
>>> change $< or $( to fail silently.
>>> This will cause problems in scripts that use those variables to
>>> drop privileges.  Either they'll die unpleasantly (if they properly
>>> check $< afterwards) or they might gain a security vulnerability.
>>> Scripts that use POSIX::setuid will be unaffected of course.
>>> The only solution I can think of is to make the configure script
>>> pretend those four calls don't exist on darwin.  Properly testing
>>> whether they work would require root perms.
>> Or better, just add
>>         d_setregid='undef'
>>         d_setreuid='undef'
>>         d_setrgid='undef'
>>         d_setruid='undef'
>> to darwin's hints file (just like the lines in hints/ for
>> older FreeBSD releases).
> Added preventively as change #21438 to bleadperl.
> I'm cc:ing Wilfredo Sanchez for advice of the official maintainer of
> this hints file. (Maybe should this go into hints/ as
> well.)
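A simple test of the kind requested in this message could look like the following. It is an added example, not code posted in the thread; the account name `nobody` is an assumption, and it has to be run as root. It compares assignment to `$(` and `$<` with the POSIX::setgid/POSIX::setuid route that the report says is unaffected, and reads the real ids back instead of trusting either call.

```perl
#!/usr/bin/perl
# Added example (not from the thread). Run as root. Each method runs in its
# own forked child, so one method's change does not affect the next.
use strict;
use warnings;
use POSIX ();

my $TARGET_USER = 'nobody';   # assumption: this unprivileged account exists

my @METHODS = (
    [ 'assign $( and $<',     sub { $( = $_[1]; $< = $_[0]; } ],
    [ 'POSIX::setgid/setuid', sub { POSIX::setgid($_[1]); POSIX::setuid($_[0]); } ],
);

# Child side: apply one method, then read the real ids back rather than
# trusting the call, since the reported failure mode is silent.
sub check_method {
    my ($code, $uid, $gid) = @_;
    my $ok = eval { $code->($uid, $gid); 1 };   # group is changed before user
    return "method died: $@" unless $ok;
    my $real_uid   = $<;
    my ($real_gid) = split ' ', $(;             # first field is the real gid
    return "real uid is $real_uid, wanted $uid" if $real_uid != $uid;
    return "real gid is $real_gid, wanted $gid" if $real_gid != $gid;
    return '';
}

sub main {
    die "run as root: changing the real ids needs privilege\n" if $> != 0;
    my (undef, undef, $uid, $gid) = getpwnam($TARGET_USER)
        or die "no such user: $TARGET_USER\n";
    my $bad = 0;
    for my $method (@METHODS) {
        my ($name, $code) = @$method;
        my $pid = fork();
        die "fork failed: $!\n" unless defined $pid;
        if ($pid == 0) {
            my $problem = check_method($code, $uid, $gid);
            print $problem ? "not ok - $name: $problem\n" : "ok - $name\n";
            exit($problem ? 1 : 0);
        }
        waitpid($pid, 0);
        $bad++ if $? != 0;
    }
    return $bad ? 1 : 0;
}

exit main();
```

A privilege-dropping script can apply the same read-back check in place and die when the real ids are not the ones it asked for.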