About Perl's taint mode

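Hi everyone, I recently ran into a problem concerning Perl's taint mode.

Because my Perl script has to call system commands through system(), I have not turned taint mode on. (The first line of the Perl script is /usr/local/bin/gatespool, without the -T option.)

But when it runs, it still keeps reporting the error:  Insecure $ENV{PATH} while running .....

How do I turn taint mode off?

Many thanks.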
use no taint??
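Add this to the code:
$ENV{PATH}="/bin:/usr/bin";
Set it explicitly.. and give it a try...
It is probably saying that you used an environment variable..... if you set it yourself.. it seems that works...

Also, regarding taint mode.. maybe you have module perl enabled, or -T is turned on inside that non-perl file on your first line..
Find a way to remove it.. or just specify /usr/bin/perl directly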

Thanks guys for your reply.

I can confirm that perl is running without the -T option.

Also, I had tried adding this line before the system call: ($ENV{PATH}="/bin:/usr/bin")
Afterwards, it complained about CDPATH; after adding CDPATH, it then complained about ENV.

Just very curious why the script that works on the other machine fails only on this particular server.
Another thing is that my script is a setuid perl script.

It belongs to usera with the setuid setting, and will be called from userb.

Is this causing the problem?
perldoc -q setuid

QUOTE:
       Why do setuid perl scripts complain about kernel problems?

       Some operating systems have bugs in the kernel that make setuid scripts inher-
       ently insecure.  Perl gives you a number of options (described in perlsec) to
       work around such systems.

Have a look at the perlsec perldoc..
This article covers exactly your problem:
http://www.cs.cmu.edu/People/rgs/pl-suid.html
Thanks.

Still can't figure it out.

The problem is that I had disabled the taint checking.   what a perl script!!
The perlsec document mentions it..
Perl probably enabled taint mode automatically...

QUOTE:
       Perl automatically enables a set of special security checks, called taint mode,
       when it detects its program running with differing real and effective user or
       group IDs.  The setuid bit in Unix permissions is mode 04000, the setgid bit
       mode 02000; either or both may be set.  You can also enable taint mode explic-
       itly by using the -T command line flag. This flag is strongly suggested for
       server programs and any program run on behalf of someone else, such as a CGI
       script. Once taint mode is on, it's on for the remainder of your script.

So in such a case,

Is there any workaround for this issue to disable taint mode for a perl script even when it has the setuid or setgid setting?

Appreciate your help.
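
An added example, not part of the thread or written by any of its posters: since perl turns taint mode on by itself for a setuid script, as the perlsec passage quoted above says, the "Insecure $ENV{...}" complaints are resolved by cleaning the environment in one step rather than by switching the check off. The `/bin/ls` call and the default file name are assumptions chosen for illustration.

```perl
#!/usr/bin/perl
# Added example (not from the thread): environment scrub for a setuid Perl
# script, following the pattern documented in perlsec.
use strict;
use warnings;

# ${^TAINT} is 1 when taint mode is on (via -T, or because the real and
# effective IDs differ), 0 when it is off, and -1 when only taint
# warnings are enabled.
printf "taint mode: %d  real uid: %d  effective uid: %d\n", ${^TAINT}, $<, $>;

# Under taint mode perl refuses to run a subprocess while any of these
# variables are tainted, which is why fixing PATH alone only moves the
# complaint on to CDPATH and then to ENV.
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};
$ENV{PATH} = '/bin:/usr/bin';    # fixed list of absolute directories

# Data from outside the program (here the first argument) is tainted.
# Untaint it by capturing against a strict allow-list pattern.
my $arg = defined $ARGV[0] ? $ARGV[0] : 'example.txt';   # constructed default
my ($name) = $arg =~ /\A([A-Za-z0-9_][A-Za-z0-9_.-]*)\z/
    or die "refusing unsafe file name\n";

# List-form system() runs the program directly, without a shell.
system('/bin/ls', '-l', '--', $name) == 0
    or warn "ls exited with status ", $? >> 8, "\n";
```

Run as the owning user the script prints taint mode 0; run through the setuid bit from another account it prints 1 and still completes, because nothing tainted reaches system().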