On Wed, May 19, 2010 at 10:43:18PM +0200, Christian Marillat wrote: > Niko Tyni <nt...@debian.org> writes: > > > On Wed, May 19, 2010 at 11:06:07AM +0000, Debian Bug Tracking System wrote: > > > >> * Remove perl-suid dependency (Closes: #581949). > > > > I see that's indeed the only change you did to fix this. Are you sure > > it is enough? > > > > The postinst script still sets setgid permissions on the CGI scripts, and > > I don't think that's going to work anymore without perl-suid installed. > > I was thinking that perl-suid will be included in perl 5.12 and not > removed.
No, support for suid perl scripts has been dropped altogether. For background, suidperl has been deprecated since at least 2002, and the last straw was that 5.8.9 shipped with a broken one because nobody tested it at all before the release. http://rt.perl.org/rt3/Public/Bug/Display.html?id=61592 http://www.nntp.perl.org/group/perl.perl5.porters/2008/12/msg142839.html > I don't follow the perl dev. Could you tell me what is replacing perl > suid in perl 5.12 ? There's no replacement on the perl side. The main replacement is sudo. The apache2-suexec* packages might help you for this specific case of CGI scripts. I suppose the last resort is an ad-hoc suid C wrapper. -- Niko Tyni nt...@debian.org -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
