Skip Menu |

This queue is for tickets about the PAR-Packer CPAN distribution.

Report information
The Basics
Id: 62552
Status: open
Priority: 0/
Queue: PAR-Packer
People
Owner: Nobody in particular
Requestors: bitcard [...] post2.25u.com
Cc:
AdminCc:
Bug Information
Severity: Wishlist
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Fri Oct 29 06:47:11 2010 bitcard [...] post2.25u.com - Ticket created
Subject: disabling taint mode (or: passing options from PERLRUN(1))
Dear *, I have a pp'ed binary (on Linux) which is suid root. How can I disable taint checks for that "binary"? Passing "-X -U" to Perl (when not using PAR::pp) does the job - but how would I pass those flags to Perl in a pp'ed binary? (I tried adding the options to the shebang line of the original script, but that did not work.) Thanks for your help! Cheers, /alex PS Slightly more background on usage scenario, if needed, can be found here: http://perlmonks.org/index.pl?node_id=868081
  Fri Oct 29 08:44:35 2010 RSCHUPP [...] cpan.org - Severity Important changed to Wishlist
  Fri Oct 29 09:36:39 2010 RSCHUPP [...] cpan.org - Correspondence added
On 2010-10-29 06:47:11, arost wrote: Show quoted text
> I have a pp'ed binary (on Linux) which is suid root.
Don't do that. PAR::Packer is _not_ audited not to introduce security leaks in packed binaries. Even if your script itself were (i.e. would run under -T or as a setuid _script_). Judging from the Perlmonks article, you haven't even done that: Show quoted text
> * and reviewing about 50 KLOC for securing a script on a system
where everyone has root access anyway doesn't look like a rewarding activity. So don't expect us to the same job for PAR::Packer. Show quoted text
> * the script is used on systems where every user has root access
Oh boy :( If that's really the case, I suggest you simply don't make the binary setuid, but run it under sudo instead. Cheers, Roderich
  Fri Oct 29 09:36:39 2010 The RT System itself - Status changed from 'new' to 'open'
  Fri Oct 29 10:02:09 2010 bitcard [...] post2.25u.com - Correspondence added
From: bitcard [...] post2.25u.com
On Fri Oct 29 09:36:39 2010, RSCHUPP wrote: Show quoted text
> On 2010-10-29 06:47:11, arost wrote:
[...] Show quoted text
> > * and reviewing about 50 KLOC for securing a script on a system
> where everyone has root access anyway doesn't look like a rewarding > activity. > > So don't expect us to the same job for PAR::Packer.
I absolutely don't. I'm willing to take the same risk that I take with normal "perl -U". The problem is that PAR::pp does not allow me to do that, since I there is not a way (?) to specify unsafe mode for pp binaries. Show quoted text
> > * the script is used on systems where every user has root access
> > Oh boy :( If that's really the case, I suggest you simply > don't make the binary setuid, but run it under sudo instead.
We do this right now, but it leads to a mess from mixing user and root permissions/ownerships on all input and output data of the script. I'd really like to avoid that. (For background: I see that a "everyone gets root" system is unusual. The system is used for network tests, and users must be able to perform changes to hard- and software on a regular basis.)