Perl Monk, Perl Meditation | |
PerlMonks |
Re^2: perl executes mode 0 argument passed script when called through sudo, security hole?by Don Coyote (Hermit) |
on Nov 11, 2013 at 21:59 UTC ( [id://1062061]=note: print w/replies, xml ) | Need Help?? |
Thank you for explaining this Dr Hyde. I know from what I have read, there are numerous ways to execute a script on a system which does not interpret the magic #! line. Your explanation does help to understand these incantations more clearer. I think understanding root can read mode 0 files is the main point. Otherwise, how would you access an nt file, which does not have permissions, after you mounted an ntfs? For clarification I opened the mode 0 file passed as an argument to emacs whilst in sudo. Surely enough I could read, but not write, to the buffer. :smile
And while passing this script in with the -l option did not cause problems, placing a -T at the end of the she-bang line still made perl complain about the command line lacking the taint mode flag, naturally. perl -e 'chmod 10000' ./coyote_ears
In Section
Seekers of Perl Wisdom
|
|