3

I'm a bit confused about the description of nosuid in the mount manpage on this RedHat system I'm setting up:

nosuid Do not allow set-user-identifier or set-group-identifier bits to
       take  effect.  (This seems safe, but is in fact rather unsafe if
       you have suidperl(1) installed.)

So I looked up suidperl(1) and discovered The suidperl Story, and was properly entertained for five minutes. I also learned that setting nosuid may not improve security as much as one might like, but I'm back to wondering how nosuid decreases the overall security, compared to not using it.

kojiro
  • 579
  • 4
  • 11

1 Answers1

1

As far as I understand, (I'm not using perl and even less suidperl), the manpage doesn't says nosuid is less secure, just that despite being more secure at first sight, it can be easily defeated by suidperl.

jlliagre
  • 191
  • 5
  • I would understand if they had just said that. But suidperl is tangential, right? If you manage to install any suid interpreter you can use it to run a script as root. That's true whether or not the filesystem is mounted `nosuid`, so `nosuid` is not *rather unsafe`. – kojiro Sep 11 '12 at 21:22
  • 1
    If current distributions of suidperl no more allow bypassing the nosuid flag, the man page comment are just obsolete. – jlliagre Sep 11 '12 at 22:42