This is the Perl5 equivalent of the MNT_NOSUID patch that was put into

/usr/bin/perl a while ago. It works with 5.003 and 5.004-tobe.

I can't test it on freefall (I don't have a setuid script to play with)
but it works at home. I'll test on thud later.

Every setuid script found on a partition mounted "nosuid" will not be executed
and "Permission Denied" will be displayed.

It won't be in soo-to-be-released 5.004 because it is not a FreeBSD speciific
problem but it will be dealt with in 5.004_01 (maintenance release).

Obtained from: Jörg's patch (edited for Perl5 by me).
This commit is contained in:
Ollivier Robert 1997-05-13 16:12:55 +00:00
parent 0a0f2047fb
commit 2f8ef1af98
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=6446
7 changed files with 294 additions and 0 deletions

View file

@ -0,0 +1,42 @@
--- perl.h.old Tue May 6 12:22:21 1997
+++ perl.h Tue May 6 12:26:50 1997
@@ -223,6 +223,15 @@
# include <sys/param.h>
#endif
+/* needed for IAMSUID case for 4.4BSD systems
+ * XXX there should probably be a Configure variable
+ */
+
+#ifdef I_SYS_PARAM
+#if (defined (BSD) && (BSD >= 199306))
+# include <sys/mount.h>
+#endif /* !BSD */
+#endif /* !I_SYS_PARAM */
/* Use all the "standard" definitions? */
#if defined(STANDARD_C) && defined(I_STDLIB)
--- perl.c.old Sun Apr 27 15:04:13 1997
+++ perl.c Tue May 6 12:27:40 1997
@@ -1912,6 +1912,20 @@
croak("Can't swap uid and euid"); /* really paranoid */
if (Stat(SvPVX(GvSV(curcop->cop_filegv)),&tmpstatbuf) < 0)
croak("Permission denied"); /* testing full pathname here */
+#if (defined(BSD) && (BSD >= 199306))
+#ifdef IAMSUID
+ {
+ struct statfs stfs;
+
+ if (fstatfs(fileno(rsfp),&stfs) < 0)
+ croak("Can't statfs filesystem of script \"%s\"",origfilename);
+
+ if (stfs.f_flags & MNT_NOSUID)
+ croak("Permission denied");
+ }
+#endif /* IAMSUID */
+#endif /* BSD */
+
if (tmpstatbuf.st_dev != statbuf.st_dev ||
tmpstatbuf.st_ino != statbuf.st_ino) {
(void)PerlIO_close(rsfp);

View file

@ -0,0 +1,42 @@
--- perl.h.old Tue May 6 12:22:21 1997
+++ perl.h Tue May 6 12:26:50 1997
@@ -223,6 +223,15 @@
# include <sys/param.h>
#endif
+/* needed for IAMSUID case for 4.4BSD systems
+ * XXX there should probably be a Configure variable
+ */
+
+#ifdef I_SYS_PARAM
+#if (defined (BSD) && (BSD >= 199306))
+# include <sys/mount.h>
+#endif /* !BSD */
+#endif /* !I_SYS_PARAM */
/* Use all the "standard" definitions? */
#if defined(STANDARD_C) && defined(I_STDLIB)
--- perl.c.old Sun Apr 27 15:04:13 1997
+++ perl.c Tue May 6 12:27:40 1997
@@ -1912,6 +1912,20 @@
croak("Can't swap uid and euid"); /* really paranoid */
if (Stat(SvPVX(GvSV(curcop->cop_filegv)),&tmpstatbuf) < 0)
croak("Permission denied"); /* testing full pathname here */
+#if (defined(BSD) && (BSD >= 199306))
+#ifdef IAMSUID
+ {
+ struct statfs stfs;
+
+ if (fstatfs(fileno(rsfp),&stfs) < 0)
+ croak("Can't statfs filesystem of script \"%s\"",origfilename);
+
+ if (stfs.f_flags & MNT_NOSUID)
+ croak("Permission denied");
+ }
+#endif /* IAMSUID */
+#endif /* BSD */
+
if (tmpstatbuf.st_dev != statbuf.st_dev ||
tmpstatbuf.st_ino != statbuf.st_ino) {
(void)PerlIO_close(rsfp);

View file

@ -0,0 +1,42 @@
--- perl.h.old Tue May 6 12:22:21 1997
+++ perl.h Tue May 6 12:26:50 1997
@@ -223,6 +223,15 @@
# include <sys/param.h>
#endif
+/* needed for IAMSUID case for 4.4BSD systems
+ * XXX there should probably be a Configure variable
+ */
+
+#ifdef I_SYS_PARAM
+#if (defined (BSD) && (BSD >= 199306))
+# include <sys/mount.h>
+#endif /* !BSD */
+#endif /* !I_SYS_PARAM */
/* Use all the "standard" definitions? */
#if defined(STANDARD_C) && defined(I_STDLIB)
--- perl.c.old Sun Apr 27 15:04:13 1997
+++ perl.c Tue May 6 12:27:40 1997
@@ -1912,6 +1912,20 @@
croak("Can't swap uid and euid"); /* really paranoid */
if (Stat(SvPVX(GvSV(curcop->cop_filegv)),&tmpstatbuf) < 0)
croak("Permission denied"); /* testing full pathname here */
+#if (defined(BSD) && (BSD >= 199306))
+#ifdef IAMSUID
+ {
+ struct statfs stfs;
+
+ if (fstatfs(fileno(rsfp),&stfs) < 0)
+ croak("Can't statfs filesystem of script \"%s\"",origfilename);
+
+ if (stfs.f_flags & MNT_NOSUID)
+ croak("Permission denied");
+ }
+#endif /* IAMSUID */
+#endif /* BSD */
+
if (tmpstatbuf.st_dev != statbuf.st_dev ||
tmpstatbuf.st_ino != statbuf.st_ino) {
(void)PerlIO_close(rsfp);

View file

@ -0,0 +1,42 @@
--- perl.h.old Tue May 6 12:22:21 1997
+++ perl.h Tue May 6 12:26:50 1997
@@ -223,6 +223,15 @@
# include <sys/param.h>
#endif
+/* needed for IAMSUID case for 4.4BSD systems
+ * XXX there should probably be a Configure variable
+ */
+
+#ifdef I_SYS_PARAM
+#if (defined (BSD) && (BSD >= 199306))
+# include <sys/mount.h>
+#endif /* !BSD */
+#endif /* !I_SYS_PARAM */
/* Use all the "standard" definitions? */
#if defined(STANDARD_C) && defined(I_STDLIB)
--- perl.c.old Sun Apr 27 15:04:13 1997
+++ perl.c Tue May 6 12:27:40 1997
@@ -1912,6 +1912,20 @@
croak("Can't swap uid and euid"); /* really paranoid */
if (Stat(SvPVX(GvSV(curcop->cop_filegv)),&tmpstatbuf) < 0)
croak("Permission denied"); /* testing full pathname here */
+#if (defined(BSD) && (BSD >= 199306))
+#ifdef IAMSUID
+ {
+ struct statfs stfs;
+
+ if (fstatfs(fileno(rsfp),&stfs) < 0)
+ croak("Can't statfs filesystem of script \"%s\"",origfilename);
+
+ if (stfs.f_flags & MNT_NOSUID)
+ croak("Permission denied");
+ }
+#endif /* IAMSUID */
+#endif /* BSD */
+
if (tmpstatbuf.st_dev != statbuf.st_dev ||
tmpstatbuf.st_ino != statbuf.st_ino) {
(void)PerlIO_close(rsfp);

View file

@ -0,0 +1,42 @@
--- perl.h.old Tue May 6 12:22:21 1997
+++ perl.h Tue May 6 12:26:50 1997
@@ -223,6 +223,15 @@
# include <sys/param.h>
#endif
+/* needed for IAMSUID case for 4.4BSD systems
+ * XXX there should probably be a Configure variable
+ */
+
+#ifdef I_SYS_PARAM
+#if (defined (BSD) && (BSD >= 199306))
+# include <sys/mount.h>
+#endif /* !BSD */
+#endif /* !I_SYS_PARAM */
/* Use all the "standard" definitions? */
#if defined(STANDARD_C) && defined(I_STDLIB)
--- perl.c.old Sun Apr 27 15:04:13 1997
+++ perl.c Tue May 6 12:27:40 1997
@@ -1912,6 +1912,20 @@
croak("Can't swap uid and euid"); /* really paranoid */
if (Stat(SvPVX(GvSV(curcop->cop_filegv)),&tmpstatbuf) < 0)
croak("Permission denied"); /* testing full pathname here */
+#if (defined(BSD) && (BSD >= 199306))
+#ifdef IAMSUID
+ {
+ struct statfs stfs;
+
+ if (fstatfs(fileno(rsfp),&stfs) < 0)
+ croak("Can't statfs filesystem of script \"%s\"",origfilename);
+
+ if (stfs.f_flags & MNT_NOSUID)
+ croak("Permission denied");
+ }
+#endif /* IAMSUID */
+#endif /* BSD */
+
if (tmpstatbuf.st_dev != statbuf.st_dev ||
tmpstatbuf.st_ino != statbuf.st_ino) {
(void)PerlIO_close(rsfp);

View file

@ -0,0 +1,42 @@
--- perl.h.old Tue May 6 12:22:21 1997
+++ perl.h Tue May 6 12:26:50 1997
@@ -223,6 +223,15 @@
# include <sys/param.h>
#endif
+/* needed for IAMSUID case for 4.4BSD systems
+ * XXX there should probably be a Configure variable
+ */
+
+#ifdef I_SYS_PARAM
+#if (defined (BSD) && (BSD >= 199306))
+# include <sys/mount.h>
+#endif /* !BSD */
+#endif /* !I_SYS_PARAM */
/* Use all the "standard" definitions? */
#if defined(STANDARD_C) && defined(I_STDLIB)
--- perl.c.old Sun Apr 27 15:04:13 1997
+++ perl.c Tue May 6 12:27:40 1997
@@ -1912,6 +1912,20 @@
croak("Can't swap uid and euid"); /* really paranoid */
if (Stat(SvPVX(GvSV(curcop->cop_filegv)),&tmpstatbuf) < 0)
croak("Permission denied"); /* testing full pathname here */
+#if (defined(BSD) && (BSD >= 199306))
+#ifdef IAMSUID
+ {
+ struct statfs stfs;
+
+ if (fstatfs(fileno(rsfp),&stfs) < 0)
+ croak("Can't statfs filesystem of script \"%s\"",origfilename);
+
+ if (stfs.f_flags & MNT_NOSUID)
+ croak("Permission denied");
+ }
+#endif /* IAMSUID */
+#endif /* BSD */
+
if (tmpstatbuf.st_dev != statbuf.st_dev ||
tmpstatbuf.st_ino != statbuf.st_ino) {
(void)PerlIO_close(rsfp);

42
lang/perl5/files/patch-ae Normal file
View file

@ -0,0 +1,42 @@
--- perl.h.old Tue May 6 12:22:21 1997
+++ perl.h Tue May 6 12:26:50 1997
@@ -223,6 +223,15 @@
# include <sys/param.h>
#endif
+/* needed for IAMSUID case for 4.4BSD systems
+ * XXX there should probably be a Configure variable
+ */
+
+#ifdef I_SYS_PARAM
+#if (defined (BSD) && (BSD >= 199306))
+# include <sys/mount.h>
+#endif /* !BSD */
+#endif /* !I_SYS_PARAM */
/* Use all the "standard" definitions? */
#if defined(STANDARD_C) && defined(I_STDLIB)
--- perl.c.old Sun Apr 27 15:04:13 1997
+++ perl.c Tue May 6 12:27:40 1997
@@ -1912,6 +1912,20 @@
croak("Can't swap uid and euid"); /* really paranoid */
if (Stat(SvPVX(GvSV(curcop->cop_filegv)),&tmpstatbuf) < 0)
croak("Permission denied"); /* testing full pathname here */
+#if (defined(BSD) && (BSD >= 199306))
+#ifdef IAMSUID
+ {
+ struct statfs stfs;
+
+ if (fstatfs(fileno(rsfp),&stfs) < 0)
+ croak("Can't statfs filesystem of script \"%s\"",origfilename);
+
+ if (stfs.f_flags & MNT_NOSUID)
+ croak("Permission denied");
+ }
+#endif /* IAMSUID */
+#endif /* BSD */
+
if (tmpstatbuf.st_dev != statbuf.st_dev ||
tmpstatbuf.st_ino != statbuf.st_ino) {
(void)PerlIO_close(rsfp);