Sys::Hostname, Solaris, and perhaps tainting 

I've got a problem with Sys::Hostname on a Solaris 2.5.1 box that I
can't figure out.  We had a chain of a Perl script which called a
setuid C wrapper which called a shell script which called a Perl
script, and I'm getting it down to a Perl script calling a setuid
Perl script, or, if I have to, sticking a setuid C wrapper in the
middle.

Anyway, I've boiled it down to this:

     #!/usr/local/bin/perl -w

     use strict;
     use Sys::Hostname;

     my $host = Sys::Hostname::hostname();
     print "Hostname is $host\n";

I can't make this run on the Solaris machine with the setuid bit set,
although running it as root works fine.  It works without a problem on
my FreeBSD machine, and I'm told it's fine on IRIX too.  On Solaris I
get "Cannot get host name of local machine at line 6."  Am I correct
in assuming the Perl (5.005_03) is fine, there should be no taint
problems, and that Solaris is broken?  If so, is there any way to get
around it?

Any advice appreciated.  

Bill
--
William Denton : Toronto, Canada : http://www.*-*-*.com/ : Caveat lector.



Mon, 04 Nov 2002 03:00:00 GMT  
There is a problem with Sys::Hostname and -T (which is implied
when suid) insofar as hostname falls back on calling some
external programs (uname or hostname) if syscall.ph is not
present (so it cannot get the hostname via the syscall interface),
and here the tainted $ENV{PATH} produces that error.

Solution: create syscall.ph (sys/syscall.ph and sys/systeminfo.ph
on Solaris) with h2ph (see the documentation for h2ph).

Alternate: set $ENV{PATH} to something including uname or hostname.
Advantage: more portable if script is moved between perl installations.

Also: There was discussion to fix this (not running h2ph upon
installation) for perl5.6.  Can anyone confirm that it is fixed?

Hope this helps,

Roland
--

ALCATEL Austria, Dept. RTPM       FAX:   +43-1-27722-3955
Scheydgasse 41, A-1210 WIEN, Austria (no Kangaroos here!)



Tue, 05 Nov 2002 03:00:00 GMT  
[[ PLEASE DON'T SEND ME EMAIL COPIES OF POSTINGS ]]

Quote:

>I can't make this run on the Solaris machine with the setuid bit set,
>although running it as root works fine.  It works without a problem on
>my FreeBSD machine, and I'm told it's fine on IRIX too.  On Solaris I
>get "Cannot get host name of local machine at line 6."  Am I correct
>in assuming the Perl (5.005_03) is fine, there should be no taint
>problems, and that Solaris is broken?  If so, is there any way to get
>around it?

No, perl is broken.  It appears to want to call system("hostname")
using $PATH so the taint checks fire.

Now, you can fix this by running h2ph in which case perl
finds the proper system call to use.

Casper
--
Expressed in this posting are my opinions.  They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth.



Tue, 05 Nov 2002 03:00:00 GMT  

Quote:
> No, perl is broken.  

I'm not sure that I agree.

Quote:
> It appears to want to call system("hostname")
> using $PATH so the taint checks fire.

("It" being the Sys::Hostname module, right?) I don't find anything wrong
with that. Of course, it should be clearly documented that it may call an
external program, so $ENV{PATH} (and some other environment variables)
need to permit that.

The alternative would be for the module to clean up the environment
variables before calling 'hostname'. The path to 'hostname' (or perhaps a
safe $ENV{PATH}) would probably have to be determined at installation time
and hard-coded into the module. Of course, the function should save and
restore the original environment in this case, so as not to surprise the
caller.

Cheers!

--
Tom Phoenix       Perl Training and Hacking       Esperanto
Randal Schwartz Case:     http://www.rahul.net/jeffrey/ovs/



Fri, 08 Nov 2002 03:00:00 GMT  
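
One way to combine the $ENV{PATH} workaround with the save-and-restore approach discussed in the replies, as an added example that is not part of the original thread. The sub name safe_hostname and the /usr/bin:/bin search path are assumptions to adjust for the target system.

```perl
#!/usr/bin/perl -T
# Added example, not code from the thread.
# Run as ./script or "perl -T script"; a setuid script gets -T implicitly.
use strict;
use warnings;
use Sys::Hostname ();

# Assumption: the directories that hold hostname/uname on this system.
# A literal constant is untainted, so it is safe to put into %ENV.
my $SAFE_PATH = '/usr/bin:/bin';

sub safe_hostname {
    # local() replaces %ENV for the duration of this sub and restores the
    # caller's environment on return (including when we die below).
    # Only PATH is kept, so tainted IFS, CDPATH, ENV and BASH_ENV cannot
    # reach a shell if Sys::Hostname falls back to an external program.
    local %ENV = (PATH => $SAFE_PATH);

    # hostname() croaks when every lookup method fails.
    my $host = eval { Sys::Hostname::hostname() };
    die "hostname lookup failed: $@" unless defined $host;

    # Accept only hostname characters; the capture also untaints the
    # value so it can be used later in paths or commands.
    $host =~ /\A([A-Za-z0-9](?:[A-Za-z0-9.-]{0,253}[A-Za-z0-9])?)\z/
        or die "unexpected characters in hostname\n";
    return $1;
}

print "Hostname is ", safe_hostname(), "\n";
```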
 