From 1da7e98407995ae504cc4e57d1b11bf2f9930da9 Mon Sep 17 00:00:00 2001
From: kravietz
Date: Fri, 11 Aug 2000 16:07:18 +0000
Subject: [PATCH] - this patch from RedHat make suidperl use syslog() to report security violations, instead of using /bin/mail which can be (and once was) a security problem d6446215753eebbbd53812f64b39cdb6 perl-syslog.patch Changed files: perl-syslog.patch -> 1.1
---
perl-syslog.patch | 37 +++++++++++++++++++++++++++++++++++++
1 file changed, 37 insertions(+)
create mode 100644 perl-syslog.patch
diff --git a/perl-syslog.patch b/perl-syslog.patch
new file mode 100644
index 0000000..0ca9c4b
--- /dev/null
+++ b/perl-syslog.patch
@@ -0,0 +1,37 @@
+--- perl/perl.c.syslog Sat Mar 27 12:49:17 1999
++++ perl/perl.c Mon Aug 7 11:01:24 2000
+@@ -20,6 +20,9 @@
+ #include
+ #endif
+
++#include
++#define I_SYSLOG
++
+ #if !defined(STANDARD_C) && !defined(HAS_GETENV_PROTOTYPE)
+ char *getenv _((char *)); /* Usually in */
+ #endif
+@@ -2220,6 +2223,16 @@
+ if (tmpstatbuf.st_dev != PL_statbuf.st_dev ||
+ tmpstatbuf.st_ino != PL_statbuf.st_ino) {
+ (void)PerlIO_close(PL_rsfp);
++#ifdef I_SYSLOG
++ openlog("suidperl", LOG_CONS | LOG_PID | LOG_NDELAY, LOG_AUTHPRIV);
++ syslog(LOG_ALERT, "User %ld tried to run dev %ld ino %ld in "
++ "place of dev %ld ino %ld!", PL_uid,
++ (long)tmpstatbuf.st_dev, (long)tmpstatbuf.st_ino,
++ (long)PL_statbuf.st_dev, (long)PL_statbuf.st_ino);
++ syslog(LOG_ALERT, "Filename of setuid script was %s, uid %ld"
++ " gid %ld.", SvPVX(GvSV(PL_curcop->cop_filegv)),
++ PL_statbuf.st_uid, PL_statbuf.st_gid);
++#else
+ if (PL_rsfp = PerlProc_popen("/bin/mail root","w")) { /* heh, heh */
+ PerlIO_printf(PL_rsfp,
+ "User %ld tried to run dev %ld ino %ld in place of dev %ld ino %ld!\n\
+@@ -2230,6 +2243,7 @@
+ (long)PL_statbuf.st_uid, (long)PL_statbuf.st_gid);
+ (void)PerlProc_pclose(PL_rsfp);
+ }
++#endif
+ croak("Permission denied\n");
+ }
+ if (
--
2.44.0
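Review bot: In the added syslog() calls of the `@@ -2220,6 +2223,16 @@` hunk, `PL_uid`, `PL_statbuf.st_uid` and `PL_statbuf.st_gid` are passed to `%ld` without a cast, although the `/bin/mail` branch kept under `#else` casts the same fields with `(long)`; if those types are narrower than long this is undefined behaviour and the alert can record a wrong uid or gid. Cast them like the neighbouring arguments: `(long)PL_uid,` and `(long)PL_statbuf.st_uid, (long)PL_statbuf.st_gid);`. The script name logged through `%s` is presumably influenced by the invoking user, so a comment should state that the record relies on the syslog daemon escaping control characters, or the name should be sanitised before logging. The `#define I_SYSLOG` in the first hunk is unconditional, which leaves the `#else` mail path dead on every build; a probed guard would keep the fallback meaningful. The enclosing function in perl.c begins and ends outside the patch context.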