diff options
| author | Todd C. Miller <millert@cvs.openbsd.org> | 2000-08-07 19:22:55 +0000 |
|---|---|---|
| committer | Todd C. Miller <millert@cvs.openbsd.org> | 2000-08-07 19:22:55 +0000 |
| commit | 41547087f2b2274ea1e04579aa0757e4ddb7520a (patch) | |
| tree | 553d5beb0543390cdff23983a9470bca2e3358c0 | |
| parent | f286bff9e8b771c055f8f82b39950fd7a8ecd4e2 (diff) | |
#ifdef out code that runs /bin/mail insecurely. We don't have a /bin/mail
so this bug doesn't bite us but...
| -rw-r--r-- | gnu/usr.bin/perl/perl.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/gnu/usr.bin/perl/perl.c b/gnu/usr.bin/perl/perl.c index 578fafc3f1b..b7d68e8c4b7 100644 --- a/gnu/usr.bin/perl/perl.c +++ b/gnu/usr.bin/perl/perl.c @@ -2758,6 +2758,7 @@ S_validate_suid(pTHX_ char *validarg, char *scriptname, int fdscript) if (tmpstatbuf.st_dev != PL_statbuf.st_dev || tmpstatbuf.st_ino != PL_statbuf.st_ino) { (void)PerlIO_close(PL_rsfp); +#ifdef DISGUSTINGLY_INSECURE if (PL_rsfp = PerlProc_popen("/bin/mail root","w")) { /* heh, heh */ PerlIO_printf(PL_rsfp, "User %"Uid_t_f" tried to run dev %ld ino %ld in place of dev %ld ino %ld!\n\ @@ -2768,6 +2769,7 @@ S_validate_suid(pTHX_ char *validarg, char *scriptname, int fdscript) PL_statbuf.st_uid, PL_statbuf.st_gid); (void)PerlProc_pclose(PL_rsfp); } +#endif Perl_croak(aTHX_ "Permission denied\n"); } if ( |