author | Gurusamy Sarathy <gsar@cpan.org> | 2000-03-14 03:53:50 +0000 |
---|---|---|
committer | Gurusamy Sarathy <gsar@cpan.org> | 2000-03-14 03:53:50 +0000 |
commit | c185d8c4ca1cc87e83ad9cdf99185b38f34d7f69 (patch) | |
tree | ff26fb0b50c97c436eb0cb6e71da096081ac0115 /utils/perldoc.PL | |
parent | 15bcf75945ee67854726e21686d7f6dd6217be8f (diff) | |
support a -U option when run as root to drop privileges (from
Tom Christiansen)
p4raw-id: //depot/perl@5721
Diffstat (limited to 'utils/perldoc.PL')
-rw-r--r-- | utils/perldoc.PL | 42 |
1 files changed, 33 insertions, 9 deletions
diff --git a/utils/perldoc.PL b/utils/perldoc.PL index 6430589ec1..32421d77c2 100644 --- a/utils/perldoc.PL +++ b/utils/perldoc.PL @@ -80,14 +80,6 @@ my $Is_VMS = $^O eq 'VMS'; my $Is_MSWin32 = $^O eq 'MSWin32'; my $Is_Dos = $^O eq 'dos'; -# refuse to run if we should be tainting and aren't -# (but regular users deserve protection too, though!) -if (!($Is_VMS || $Is_MSWin32 || $Is_Dos) && ($> == 0 || $< == 0) - && !am_taint_checking()) -{ - die "Superuser must not run $0 without security audit and taint checks.\n"; -} - sub usage{ warn "@_\n" if @_; # Erase evidence of previous errors (if any), so exit status is simple. @@ -111,6 +103,7 @@ Options: -v Verbosely describe what's going on -X use index if present (looks for pod.idx at $Config{archlib}) -q Search the text of questions (not answers) in perlfaq[1-9] + -U Run in insecure mode (superuser only) PageName|ModuleName... is the name of a piece of documentation that you want to look at. You @@ -140,7 +133,7 @@ if (defined $ENV{"PERLDOC"}) { } !NO!SUBS! -my $getopts = "mhtluvriFf:Xq:n:"; +my $getopts = "mhtluvriFf:Xq:n:U"; print OUT <<"!GET!OPTS!"; use vars qw( @{[map "\$opt_$_", ($getopts =~ /\w/g)]} ); @@ -151,6 +144,25 @@ getopts("$getopts") || usage; print OUT <<'!NO!SUBS!'; usage if $opt_h; + +# refuse to run if we should be tainting and aren't +# (but regular users deserve protection too, though!) +if (!($Is_VMS || $Is_MSWin32 || $Is_Dos) && ($> == 0 || $< == 0) + && !am_taint_checking()) +{{ + if ($opt_U) { + my $id = eval { getpwnam("nobody") }; + $id = eval { getpwnam("nouser") } unless defined $id; + $id = -2 unless defined $id; + eval { + $> = $id; # must do this one first! + $< = $id; + }; + last if !$@ && $< && $>; + } + die "Superuser must not run $0 without security audit and taint checks.\n"; +}} + $opt_n = "nroff" if !$opt_n; my $podidx; 
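Review bot: The `-U` branch in the relocated root check assigns only `$>` and `$<`, so the process keeps root's real and effective group IDs and its supplementary group list after the drop; the groups have to be set while the process is still root, before the UID assignments. The success test `last if !$@ && $< && $>` confirms only that both UIDs are non-zero, and whether the saved set-user-ID is cleared as well depends on which set*uid call perl uses for these assignments on the platform, so it is worth confirming that root cannot be regained afterwards. Because the check now sits after `getopts`, the option parsing (and, from the context shown, the `PERLDOC` environment handling) still runs as root before any privilege is given up. A possible shape for the group handling is below, taking the GID from the same passwd entry as the UID.

```perl
    if ($opt_U) {
        my ($id, $gid) = (eval { getpwnam("nobody") })[2, 3];
        ($id, $gid) = (eval { getpwnam("nouser") })[2, 3] unless defined $id;
        ($id, $gid) = (-2, -2) unless defined $id;
        eval {
            $) = "$gid $gid";  # effective gid and supplementary group list, while still root
            $( = $gid;
            # ... unchanged: $> and $< assignments ...
        };
        last if !$@ && $< && $> && !grep { $_ == 0 } split ' ', "$( $)";
```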
@@ -742,6 +754,15 @@ The B<-X> option looks for a entry whose basename matches the name given on the command line in the file C<$Config{archlib}/pod.idx>. The pod.idx file should contain fully qualified filenames, one per line. +=item B<-U> run insecurely + +Because B<perldoc> does not run properly tainted, and is known to +have security issues, it will not normally execute as the superuser. +If you use the B<-U> flag, it will do so, but only after setting +the effective and real IDs to nobody's or nouser's account, or -2 +if unavailable. If it cannot relinguish its privileges, it will not +run. + =item B<PageName|ModuleName|ProgramName> The item you want to look up. Nested modules (such as C<File::Basename>) @@ -781,6 +802,9 @@ and others. =cut # +# Version 2.02: Mon Mar 13 18:03:04 MST 2000 +# Tom Christiansen <tchrist@perl.com> +# Added -U insecurity option # Version 2.01: Sat Mar 11 15:22:33 MST 2000 # Tom Christiansen <tchrist@perl.com>, querulously. # Security and correctness patches. |
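Review bot: The new POD entry for `-U` misspells "relinquish" as `relinguish`, and its heading `run insecurely` reads as if the flag removes a protection, while the paragraph describes the flag giving up root before running. The paragraph lists only the effective and real user IDs, so a reader cannot tell what happens to the group IDs; it should say so explicitly, for example `Group IDs are not changed.` if that remains the behaviour. The usage line `-U Run in insecure mode (superuser only)` in the earlier hunk carries the same wording and would benefit from the same correction.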