This is the Perl5 equivalent of the MNT_NOSUID patch that was put into
/usr/bin/perl a while ago. It works with 5.003 and 5.004-tobe. I can't test it on freefall (I don't have a setuid script to play with) but it works at home. I'll test on thud later. Every setuid script found on a partition mounted "nosuid" will not be executed and "Permission Denied" will be displayed. It won't be in soo-to-be-released 5.004 because it is not a FreeBSD speciific problem but it will be dealt with in 5.004_01 (maintenance release). Obtained from: Jörg's patch (edited for Perl5 by me).
This commit is contained in:
parent
0a0f2047fb
commit
2f8ef1af98
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=6446
7 changed files with 294 additions and 0 deletions
42
lang/perl5.10/files/patch-ae
Normal file
42
lang/perl5.10/files/patch-ae
Normal file
|
@ -0,0 +1,42 @@
|
||||||
|
--- perl.h.old Tue May 6 12:22:21 1997
|
||||||
|
+++ perl.h Tue May 6 12:26:50 1997
|
||||||
|
@@ -223,6 +223,15 @@
|
||||||
|
# include <sys/param.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+/* needed for IAMSUID case for 4.4BSD systems
|
||||||
|
+ * XXX there should probably be a Configure variable
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
+#ifdef I_SYS_PARAM
|
||||||
|
+#if (defined (BSD) && (BSD >= 199306))
|
||||||
|
+# include <sys/mount.h>
|
||||||
|
+#endif /* !BSD */
|
||||||
|
+#endif /* !I_SYS_PARAM */
|
||||||
|
|
||||||
|
/* Use all the "standard" definitions? */
|
||||||
|
#if defined(STANDARD_C) && defined(I_STDLIB)
|
||||||
|
--- perl.c.old Sun Apr 27 15:04:13 1997
|
||||||
|
+++ perl.c Tue May 6 12:27:40 1997
|
||||||
|
@@ -1912,6 +1912,20 @@
|
||||||
|
croak("Can't swap uid and euid"); /* really paranoid */
|
||||||
|
if (Stat(SvPVX(GvSV(curcop->cop_filegv)),&tmpstatbuf) < 0)
|
||||||
|
croak("Permission denied"); /* testing full pathname here */
|
||||||
|
+#if (defined(BSD) && (BSD >= 199306))
|
||||||
|
+#ifdef IAMSUID
|
||||||
|
+ {
|
||||||
|
+ struct statfs stfs;
|
||||||
|
+
|
||||||
|
+ if (fstatfs(fileno(rsfp),&stfs) < 0)
|
||||||
|
+ croak("Can't statfs filesystem of script \"%s\"",origfilename);
|
||||||
|
+
|
||||||
|
+ if (stfs.f_flags & MNT_NOSUID)
|
||||||
|
+ croak("Permission denied");
|
||||||
|
+ }
|
||||||
|
+#endif /* IAMSUID */
|
||||||
|
+#endif /* BSD */
|
||||||
|
+
|
||||||
|
if (tmpstatbuf.st_dev != statbuf.st_dev ||
|
||||||
|
tmpstatbuf.st_ino != statbuf.st_ino) {
|
||||||
|
(void)PerlIO_close(rsfp);
|
||||||
|
|
42
lang/perl5.12/files/patch-ae
Normal file
42
lang/perl5.12/files/patch-ae
Normal file
|
@ -0,0 +1,42 @@
|
||||||
|
--- perl.h.old Tue May 6 12:22:21 1997
|
||||||
|
+++ perl.h Tue May 6 12:26:50 1997
|
||||||
|
@@ -223,6 +223,15 @@
|
||||||
|
# include <sys/param.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+/* needed for IAMSUID case for 4.4BSD systems
|
||||||
|
+ * XXX there should probably be a Configure variable
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
+#ifdef I_SYS_PARAM
|
||||||
|
+#if (defined (BSD) && (BSD >= 199306))
|
||||||
|
+# include <sys/mount.h>
|
||||||
|
+#endif /* !BSD */
|
||||||
|
+#endif /* !I_SYS_PARAM */
|
||||||
|
|
||||||
|
/* Use all the "standard" definitions? */
|
||||||
|
#if defined(STANDARD_C) && defined(I_STDLIB)
|
||||||
|
--- perl.c.old Sun Apr 27 15:04:13 1997
|
||||||
|
+++ perl.c Tue May 6 12:27:40 1997
|
||||||
|
@@ -1912,6 +1912,20 @@
|
||||||
|
croak("Can't swap uid and euid"); /* really paranoid */
|
||||||
|
if (Stat(SvPVX(GvSV(curcop->cop_filegv)),&tmpstatbuf) < 0)
|
||||||
|
croak("Permission denied"); /* testing full pathname here */
|
||||||
|
+#if (defined(BSD) && (BSD >= 199306))
|
||||||
|
+#ifdef IAMSUID
|
||||||
|
+ {
|
||||||
|
+ struct statfs stfs;
|
||||||
|
+
|
||||||
|
+ if (fstatfs(fileno(rsfp),&stfs) < 0)
|
||||||
|
+ croak("Can't statfs filesystem of script \"%s\"",origfilename);
|
||||||
|
+
|
||||||
|
+ if (stfs.f_flags & MNT_NOSUID)
|
||||||
|
+ croak("Permission denied");
|
||||||
|
+ }
|
||||||
|
+#endif /* IAMSUID */
|
||||||
|
+#endif /* BSD */
|
||||||
|
+
|
||||||
|
if (tmpstatbuf.st_dev != statbuf.st_dev ||
|
||||||
|
tmpstatbuf.st_ino != statbuf.st_ino) {
|
||||||
|
(void)PerlIO_close(rsfp);
|
||||||
|
|
42
lang/perl5.14/files/patch-ae
Normal file
42
lang/perl5.14/files/patch-ae
Normal file
|
@ -0,0 +1,42 @@
|
||||||
|
--- perl.h.old Tue May 6 12:22:21 1997
|
||||||
|
+++ perl.h Tue May 6 12:26:50 1997
|
||||||
|
@@ -223,6 +223,15 @@
|
||||||
|
# include <sys/param.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+/* needed for IAMSUID case for 4.4BSD systems
|
||||||
|
+ * XXX there should probably be a Configure variable
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
+#ifdef I_SYS_PARAM
|
||||||
|
+#if (defined (BSD) && (BSD >= 199306))
|
||||||
|
+# include <sys/mount.h>
|
||||||
|
+#endif /* !BSD */
|
||||||
|
+#endif /* !I_SYS_PARAM */
|
||||||
|
|
||||||
|
/* Use all the "standard" definitions? */
|
||||||
|
#if defined(STANDARD_C) && defined(I_STDLIB)
|
||||||
|
--- perl.c.old Sun Apr 27 15:04:13 1997
|
||||||
|
+++ perl.c Tue May 6 12:27:40 1997
|
||||||
|
@@ -1912,6 +1912,20 @@
|
||||||
|
croak("Can't swap uid and euid"); /* really paranoid */
|
||||||
|
if (Stat(SvPVX(GvSV(curcop->cop_filegv)),&tmpstatbuf) < 0)
|
||||||
|
croak("Permission denied"); /* testing full pathname here */
|
||||||
|
+#if (defined(BSD) && (BSD >= 199306))
|
||||||
|
+#ifdef IAMSUID
|
||||||
|
+ {
|
||||||
|
+ struct statfs stfs;
|
||||||
|
+
|
||||||
|
+ if (fstatfs(fileno(rsfp),&stfs) < 0)
|
||||||
|
+ croak("Can't statfs filesystem of script \"%s\"",origfilename);
|
||||||
|
+
|
||||||
|
+ if (stfs.f_flags & MNT_NOSUID)
|
||||||
|
+ croak("Permission denied");
|
||||||
|
+ }
|
||||||
|
+#endif /* IAMSUID */
|
||||||
|
+#endif /* BSD */
|
||||||
|
+
|
||||||
|
if (tmpstatbuf.st_dev != statbuf.st_dev ||
|
||||||
|
tmpstatbuf.st_ino != statbuf.st_ino) {
|
||||||
|
(void)PerlIO_close(rsfp);
|
||||||
|
|
42
lang/perl5.16/files/patch-ae
Normal file
42
lang/perl5.16/files/patch-ae
Normal file
|
@ -0,0 +1,42 @@
|
||||||
|
--- perl.h.old Tue May 6 12:22:21 1997
|
||||||
|
+++ perl.h Tue May 6 12:26:50 1997
|
||||||
|
@@ -223,6 +223,15 @@
|
||||||
|
# include <sys/param.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+/* needed for IAMSUID case for 4.4BSD systems
|
||||||
|
+ * XXX there should probably be a Configure variable
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
+#ifdef I_SYS_PARAM
|
||||||
|
+#if (defined (BSD) && (BSD >= 199306))
|
||||||
|
+# include <sys/mount.h>
|
||||||
|
+#endif /* !BSD */
|
||||||
|
+#endif /* !I_SYS_PARAM */
|
||||||
|
|
||||||
|
/* Use all the "standard" definitions? */
|
||||||
|
#if defined(STANDARD_C) && defined(I_STDLIB)
|
||||||
|
--- perl.c.old Sun Apr 27 15:04:13 1997
|
||||||
|
+++ perl.c Tue May 6 12:27:40 1997
|
||||||
|
@@ -1912,6 +1912,20 @@
|
||||||
|
croak("Can't swap uid and euid"); /* really paranoid */
|
||||||
|
if (Stat(SvPVX(GvSV(curcop->cop_filegv)),&tmpstatbuf) < 0)
|
||||||
|
croak("Permission denied"); /* testing full pathname here */
|
||||||
|
+#if (defined(BSD) && (BSD >= 199306))
|
||||||
|
+#ifdef IAMSUID
|
||||||
|
+ {
|
||||||
|
+ struct statfs stfs;
|
||||||
|
+
|
||||||
|
+ if (fstatfs(fileno(rsfp),&stfs) < 0)
|
||||||
|
+ croak("Can't statfs filesystem of script \"%s\"",origfilename);
|
||||||
|
+
|
||||||
|
+ if (stfs.f_flags & MNT_NOSUID)
|
||||||
|
+ croak("Permission denied");
|
||||||
|
+ }
|
||||||
|
+#endif /* IAMSUID */
|
||||||
|
+#endif /* BSD */
|
||||||
|
+
|
||||||
|
if (tmpstatbuf.st_dev != statbuf.st_dev ||
|
||||||
|
tmpstatbuf.st_ino != statbuf.st_ino) {
|
||||||
|
(void)PerlIO_close(rsfp);
|
||||||
|
|
42
lang/perl5.6/files/patch-ae
Normal file
42
lang/perl5.6/files/patch-ae
Normal file
|
@ -0,0 +1,42 @@
|
||||||
|
--- perl.h.old Tue May 6 12:22:21 1997
|
||||||
|
+++ perl.h Tue May 6 12:26:50 1997
|
||||||
|
@@ -223,6 +223,15 @@
|
||||||
|
# include <sys/param.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+/* needed for IAMSUID case for 4.4BSD systems
|
||||||
|
+ * XXX there should probably be a Configure variable
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
+#ifdef I_SYS_PARAM
|
||||||
|
+#if (defined (BSD) && (BSD >= 199306))
|
||||||
|
+# include <sys/mount.h>
|
||||||
|
+#endif /* !BSD */
|
||||||
|
+#endif /* !I_SYS_PARAM */
|
||||||
|
|
||||||
|
/* Use all the "standard" definitions? */
|
||||||
|
#if defined(STANDARD_C) && defined(I_STDLIB)
|
||||||
|
--- perl.c.old Sun Apr 27 15:04:13 1997
|
||||||
|
+++ perl.c Tue May 6 12:27:40 1997
|
||||||
|
@@ -1912,6 +1912,20 @@
|
||||||
|
croak("Can't swap uid and euid"); /* really paranoid */
|
||||||
|
if (Stat(SvPVX(GvSV(curcop->cop_filegv)),&tmpstatbuf) < 0)
|
||||||
|
croak("Permission denied"); /* testing full pathname here */
|
||||||
|
+#if (defined(BSD) && (BSD >= 199306))
|
||||||
|
+#ifdef IAMSUID
|
||||||
|
+ {
|
||||||
|
+ struct statfs stfs;
|
||||||
|
+
|
||||||
|
+ if (fstatfs(fileno(rsfp),&stfs) < 0)
|
||||||
|
+ croak("Can't statfs filesystem of script \"%s\"",origfilename);
|
||||||
|
+
|
||||||
|
+ if (stfs.f_flags & MNT_NOSUID)
|
||||||
|
+ croak("Permission denied");
|
||||||
|
+ }
|
||||||
|
+#endif /* IAMSUID */
|
||||||
|
+#endif /* BSD */
|
||||||
|
+
|
||||||
|
if (tmpstatbuf.st_dev != statbuf.st_dev ||
|
||||||
|
tmpstatbuf.st_ino != statbuf.st_ino) {
|
||||||
|
(void)PerlIO_close(rsfp);
|
||||||
|
|
42
lang/perl5.8/files/patch-ae
Normal file
42
lang/perl5.8/files/patch-ae
Normal file
|
@ -0,0 +1,42 @@
|
||||||
|
--- perl.h.old Tue May 6 12:22:21 1997
|
||||||
|
+++ perl.h Tue May 6 12:26:50 1997
|
||||||
|
@@ -223,6 +223,15 @@
|
||||||
|
# include <sys/param.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+/* needed for IAMSUID case for 4.4BSD systems
|
||||||
|
+ * XXX there should probably be a Configure variable
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
+#ifdef I_SYS_PARAM
|
||||||
|
+#if (defined (BSD) && (BSD >= 199306))
|
||||||
|
+# include <sys/mount.h>
|
||||||
|
+#endif /* !BSD */
|
||||||
|
+#endif /* !I_SYS_PARAM */
|
||||||
|
|
||||||
|
/* Use all the "standard" definitions? */
|
||||||
|
#if defined(STANDARD_C) && defined(I_STDLIB)
|
||||||
|
--- perl.c.old Sun Apr 27 15:04:13 1997
|
||||||
|
+++ perl.c Tue May 6 12:27:40 1997
|
||||||
|
@@ -1912,6 +1912,20 @@
|
||||||
|
croak("Can't swap uid and euid"); /* really paranoid */
|
||||||
|
if (Stat(SvPVX(GvSV(curcop->cop_filegv)),&tmpstatbuf) < 0)
|
||||||
|
croak("Permission denied"); /* testing full pathname here */
|
||||||
|
+#if (defined(BSD) && (BSD >= 199306))
|
||||||
|
+#ifdef IAMSUID
|
||||||
|
+ {
|
||||||
|
+ struct statfs stfs;
|
||||||
|
+
|
||||||
|
+ if (fstatfs(fileno(rsfp),&stfs) < 0)
|
||||||
|
+ croak("Can't statfs filesystem of script \"%s\"",origfilename);
|
||||||
|
+
|
||||||
|
+ if (stfs.f_flags & MNT_NOSUID)
|
||||||
|
+ croak("Permission denied");
|
||||||
|
+ }
|
||||||
|
+#endif /* IAMSUID */
|
||||||
|
+#endif /* BSD */
|
||||||
|
+
|
||||||
|
if (tmpstatbuf.st_dev != statbuf.st_dev ||
|
||||||
|
tmpstatbuf.st_ino != statbuf.st_ino) {
|
||||||
|
(void)PerlIO_close(rsfp);
|
||||||
|
|
42
lang/perl5/files/patch-ae
Normal file
42
lang/perl5/files/patch-ae
Normal file
|
@ -0,0 +1,42 @@
|
||||||
|
--- perl.h.old Tue May 6 12:22:21 1997
|
||||||
|
+++ perl.h Tue May 6 12:26:50 1997
|
||||||
|
@@ -223,6 +223,15 @@
|
||||||
|
# include <sys/param.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+/* needed for IAMSUID case for 4.4BSD systems
|
||||||
|
+ * XXX there should probably be a Configure variable
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
+#ifdef I_SYS_PARAM
|
||||||
|
+#if (defined (BSD) && (BSD >= 199306))
|
||||||
|
+# include <sys/mount.h>
|
||||||
|
+#endif /* !BSD */
|
||||||
|
+#endif /* !I_SYS_PARAM */
|
||||||
|
|
||||||
|
/* Use all the "standard" definitions? */
|
||||||
|
#if defined(STANDARD_C) && defined(I_STDLIB)
|
||||||
|
--- perl.c.old Sun Apr 27 15:04:13 1997
|
||||||
|
+++ perl.c Tue May 6 12:27:40 1997
|
||||||
|
@@ -1912,6 +1912,20 @@
|
||||||
|
croak("Can't swap uid and euid"); /* really paranoid */
|
||||||
|
if (Stat(SvPVX(GvSV(curcop->cop_filegv)),&tmpstatbuf) < 0)
|
||||||
|
croak("Permission denied"); /* testing full pathname here */
|
||||||
|
+#if (defined(BSD) && (BSD >= 199306))
|
||||||
|
+#ifdef IAMSUID
|
||||||
|
+ {
|
||||||
|
+ struct statfs stfs;
|
||||||
|
+
|
||||||
|
+ if (fstatfs(fileno(rsfp),&stfs) < 0)
|
||||||
|
+ croak("Can't statfs filesystem of script \"%s\"",origfilename);
|
||||||
|
+
|
||||||
|
+ if (stfs.f_flags & MNT_NOSUID)
|
||||||
|
+ croak("Permission denied");
|
||||||
|
+ }
|
||||||
|
+#endif /* IAMSUID */
|
||||||
|
+#endif /* BSD */
|
||||||
|
+
|
||||||
|
if (tmpstatbuf.st_dev != statbuf.st_dev ||
|
||||||
|
tmpstatbuf.st_ino != statbuf.st_ino) {
|
||||||
|
(void)PerlIO_close(rsfp);
|
||||||
|
|
Loading…
Reference in a new issue