diff options
| author | Simon Cozens <simon@netthink.co.uk> | 2002-10-08 12:13:07 +0100 |
|---|---|---|
| committer | hv <hv@crypt.org> | 2002-10-12 15:12:18 +0000 |
| commit | b3c1f772f352b72296ce50a1ba2e7abcc581baaa (patch) | |
| tree | c4c7f176e85d0f47b5e8500c13ad29af198cc071 /utils/perldoc.PL | |
| parent | a2307be4b899f5bb1ef09b534ea96c8d5ffd7a73 (diff) | |
| download | perl-b3c1f772f352b72296ce50a1ba2e7abcc581baaa.tar.gz | |
For screaming hell's sake
Message-ID: <20021008101307.GA8175@netthink.co.uk>
p4raw-id: //depot/perl@18009
Diffstat (limited to 'utils/perldoc.PL')
| -rw-r--r-- | utils/perldoc.PL | 62 |
1 files changed, 30 insertions, 32 deletions
diff --git a/utils/perldoc.PL b/utils/perldoc.PL index 81e270c0de..860b91640b 100644 --- a/utils/perldoc.PL +++ b/utils/perldoc.PL @@ -118,7 +118,6 @@ Options: -v Verbosely describe what's going on -X use index if present (looks for pod.idx at $Config{archlib}) -q Search the text of questions (not answers) in perlfaq[1-9] - -U Run in insecure mode (superuser only) PageName|ModuleName... is the name of a piece of documentation that you want to look at. You @@ -147,7 +146,7 @@ if (defined $ENV{"PERLDOC"}) { } !NO!SUBS! -my $getopts = "mhtluvriFf:Xq:n:U"; +my $getopts = "mhtluvriFf:Xq:n:"; print OUT <<"!GET!OPTS!"; use vars qw( @{[map "\$opt_$_", ($getopts =~ /\w/g)]} ); @@ -159,15 +158,13 @@ print OUT <<'!NO!SUBS!'; usage if $opt_h; -# refuse to run if we should be tainting and aren't -# (but regular users deserve protection too, though!) +# attempt to drop privs if we should be tainting and aren't if (!($Is_VMS || $Is_MSWin32 || $Is_Dos || $Is_OS2) && ($> == 0 || $< == 0) && !am_taint_checking()) -{{ - if ($opt_U) { - my $id = eval { getpwnam("nobody") }; - $id = eval { getpwnam("nouser") } unless defined $id; - $id = -2 unless defined $id; +{ + my $id = eval { getpwnam("nobody") }; + $id = eval { getpwnam("nouser") } unless defined $id; + $id = -2 unless defined $id; # # According to Stevens' APUE and various # (BSD, Solaris, HP-UX) man pages setting @@ -186,16 +183,15 @@ if (!($Is_VMS || $Is_MSWin32 || $Is_Dos || $Is_OS2) && ($> == 0 || $< == 0) # in HP-UX to change saved uid is to call setuid() # when the effective uid is zero). # - eval { - $< = $id; # real uid - $> = $id; # effective uid - $< = $id; # real uid - $> = $id; # effective uid - }; - last if !$@ && $< && $>; - } - die "Superuser must not run $0 without security audit and taint checks.\n"; -}} + eval { + $< = $id; # real uid + $> = $id; # effective uid + $< = $id; # real uid + $> = $id; # effective uid + }; + die "Superuser must not run $0 without security audit and taint checks.\n" + unless !$@ && $< && $>; +} my $podidx; if ($opt_X) { @@ -746,15 +742,6 @@ The B<-X> option looks for an entry whose basename matches the name given on the command line in the file C<$Config{archlib}/pod.idx>. The pod.idx file should contain fully qualified filenames, one per line. -=item B<-U> run insecurely - -Because B<perldoc> does not run properly tainted, and is known to -have security issues, it will not normally execute as the superuser. -If you use the B<-U> flag, it will do so, but only after setting -the effective and real IDs to nobody's or nouser's account, or -2 -if unavailable. If it cannot relinquish its privileges, it will not -run. - =item B<PageName|ModuleName|ProgramName> The item you want to look up. Nested modules (such as C<File::Basename>) @@ -763,6 +750,14 @@ give a descriptive name of a page, such as C<perlfunc>. =back +=head1 SECURITY + +Because B<perldoc> does not run properly tainted, and is known to +have security issues, when run as the superuser it will attempt to +drop privileges by setting the effective and real IDs to nobody's +or nouser's account, or -2 if unavailable. If it cannot relinquish +its privileges, it will not run. + =head1 ENVIRONMENT Any switches in the C<PERLDOC> environment variable will be used before the @@ -779,7 +774,7 @@ One useful value for C<PERLDOC_PAGER> is C<less -+C -E>. =head1 VERSION -This is perldoc v2.04. +This is perldoc v2.05. =head1 AUTHOR @@ -791,11 +786,14 @@ and others. =cut # +# Version 2.05: Sat Oct 12 16:09:00 CEST 2002 +# Hugo van der Sanden <hv@crypt.org> +# Made -U the default, based on patch from Simon Cozens # Version 2.04: Sun Aug 18 13:27:12 BST 2002 -# Randy W. Sims <RandyS@ThePierianSpring.org> -# allow -n to enable nroff under Win32 +# Randy W. Sims <RandyS@ThePierianSpring.org> +# allow -n to enable nroff under Win32 # Version 2.03: Sun Apr 23 16:56:34 BST 2000 -# Hugo van der Sanden <hv@crypt0.demon.co.uk> +# Hugo van der Sanden <hv@crypt.org> # don't die when 'use blib' fails # Version 2.02: Mon Mar 13 18:03:04 MST 2000 # Tom Christiansen <tchrist@perl.com> |