This queue is for tickets about the Net-Ping CPAN distribution.

Report information
The Basics
Id: 20414
Status: rejected
Priority: 0/
Queue: Net-Ping

People
Owner: Nobody in particular
Requestors: tkocher [...] spirit21.de
Cc:
AdminCc:

Bug Information
Severity: Critical
Broken in: 2.31
Fixed in: (no value)



Subject: cannot flag perl script with sticky bit when using syn and port 80
Hi,

I cannot execute the tcp ping if perl script's sticky bit is set:

-rwsr-x--- 1 root tkocher 1084 Jul 11 15:21 check_ping.pl

[tkocher@host tkocher]$ ./check_ping.pl ip_address
Insecure dependency in connect while running setuid at /usr/lib/perl5/5.8.0/Net/Ping.pm line 778.

using perl version:

[tkocher@host tkocher]$ perl -v

This is perl, v5.8.0 built for i386-linux-thread-multi
(with 1 registered patch, see perl -V for more detail)

Copyright 1987-2002, Larry Wall

on:

Linux vlux1.boeblingen.de.ibm.com 2.4.21-40.ELsmp #1 SMP Thu Feb 2 22:22:39 EST 2006 i686 i686 i386 GNU/Linux

library version:
[root@host tkocher]# head -n 3 /usr/lib/perl5/5.8.0/Net/Ping.pm
package Net::Ping;

# $Id: Ping.pm,v 1.46 2002/12/02 19:17:09 rob Exp $
[root@vlux1 tkocher]#

I wrote the following script:
#!/usr/bin/perl

#
# script checks if host's http port 80 is reachable but not icmp
#

use strict;
use Net::Ping;
my $usage="usage: script [hostname|ip]";

if ($#ARGV != 0) # check if just one argument
{
print ("$usage\n");
exit 3;
}

my $host = $ARGV[0];

# check if host is pingable
my $p = Net::Ping->new("icmp");
my $icmp_result = $p->ping($host, 1); # icmp result is 1 if host is reachable - 0 if unreachable - undef in cases of other problems
$p->close();

# check if http port is open
$p = Net::Ping->new("syn");
$p->{port_num}=80;
my $http_result = $p->ping($host);
$p->close();

print ("icmp_result: $icmp_result\n");
print ("http_result: $http_result\n");
exit 0;

Thanks for any help...
On Tue Jul 11 09:48:22 2006, guest wrote:
> Hi,
>
> I cannot execute the tcp ping if perl script's sticky bit is set:
>
> -rwsr-x--- 1 root tkocher 1084 Jul 11 15:21 check_ping.pl
>
> [tkocher@host tkocher]$ ./check_ping.pl ip_address
> Insecure dependency in connect while running setuid at
> /usr/lib/perl5/5.8.0/Net/Ping.pm line 778.
>
> using perl version:
>
> [tkocher@host tkocher]$ perl -v
>
> This is perl, v5.8.0 built for i386-linux-thread-multi
> (with 1 registered patch, see perl -V for more detail)
>
> Copyright 1987-2002, Larry Wall
>
> on:
>
> Linux vlux1.boeblingen.de.ibm.com 2.4.21-40.ELsmp #1 SMP Thu Feb 2
> 22:22:39 EST 2006 i686 i686 i386 GNU/Linux
>
> library version:
> [root@host tkocher]# head -n 3 /usr/lib/perl5/5.8.0/Net/Ping.pm
> package Net::Ping;
>
> # $Id: Ping.pm,v 1.46 2002/12/02 19:17:09 rob Exp $
> [root@vlux1 tkocher]#
>
> I wrote the following script:
> #!/usr/bin/perl
>
> #
> # script checks if host's http port 80 is reachable but not icmp
> #
>
> use strict;
> use Net::Ping;
> my $usage="usage: script [hostname|ip]";
>
> if ($#ARGV != 0) # check if just one argument
> {
> print ("$usage\n");
> exit 3;
> }
>
> my $host = $ARGV[0];
>
> # check if host is pingable
> my $p = Net::Ping->new("icmp");
> my $icmp_result = $p->ping($host, 1); # icmp result is 1 if host is reachable - 0 if unreachable - undef in cases of other problems
> $p->close();
>
> # check if http port is open
> $p = Net::Ping->new("syn");
> $p->{port_num}=80;
> my $http_result = $p->ping($host);
> $p->close();
>
> print ("icmp_result: $icmp_result\n");
> print ("http_result: $http_result\n");
> exit 0;
>
> Thanks for any help...
This is a problem with the script, not with Net::Ping. When running with the sticky bit, taint checking is enabled. Since $host is not being validated in any way, taint checking catches its use and fails. Try validating $host in some way using a regular expression and your problems should go away.
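
One way to do the validation suggested in the reply above, as an added example that is not part of the ticket or of Net::Ping: `untaint_host` is a hypothetical helper and the sample inputs are constructed. It assumes the script runs in taint mode (`perl -T`, or setuid as in the report) and checks syntax only, not which hosts a caller may probe.

```perl
#!/usr/bin/perl -T
use strict;
use warnings;
use Net::Ping;
use Scalar::Util qw(tainted);

# Hypothetical helper (not part of Net::Ping): return an untainted copy of
# $raw if it is a dotted-quad IPv4 address or a DNS hostname, else undef.
# Only a regex capture ($1) clears the taint flag, so the patterns are
# anchored with \A and \z (unlike $, \z does not allow a trailing newline).
sub untaint_host {
    my ($raw) = @_;
    return undef unless defined $raw && length($raw) <= 253;

    # IPv4: four decimal octets, each in 0..255.
    if ($raw =~ /\A((?:\d{1,3}\.){3}\d{1,3})\z/) {
        my $ip  = $1;
        my $bad = grep { $_ > 255 } split /\./, $ip;
        return $bad ? undef : $ip;
    }
    # Hostname: labels of letters, digits and inner hyphens, up to 63 chars.
    # The last label must start with a letter, so numeric forms such as
    # "1.2.3" are never accepted as names.
    my $label = qr/[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?/;
    my $last  = qr/[A-Za-z](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?/;
    return $raw =~ /\A((?:$label\.)*$last)\z/ ? $1 : undef;
}

if (@ARGV) {
    # Command-line data is tainted; validate it, then probe TCP port 80.
    my $host = untaint_host($ARGV[0]) or die "usage: script [hostname|ip]\n";
    printf "argument tainted: %s, validated copy tainted: %s\n",
        (tainted($ARGV[0]) ? "yes" : "no"), (tainted($host) ? "yes" : "no");
    my $p = Net::Ping->new("syn");
    $p->{port_num} = 80;              # same setting as the ticket's script
    $p->ping($host);                  # send the SYN
    my ($acked) = $p->ack($host);     # wait for the reply
    print "http_result: ", (defined $acked ? 1 : 0), "\n";
    $p->close();
} else {
    # Constructed sample inputs; no network access needed.
    for my $s ("192.0.2.10", "www.example.org", "999.1.1.1", "1.2.3",
               "example.org\n", "-host.example") {
        (my $shown = $s) =~ s/\n/\\n/g;
        printf "%-18s %s\n", $shown,
            defined(untaint_host($s)) ? "accepted" : "rejected";
    }
}
```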

