Disabling setuid in vm when playing messages

• Messages sorted by:[ date ][ thread ][ subject ][ author ]

Stefan Haller <stefan.haller@ascom.ch> wrote:
> Insecure $ENV{PATH} while running setuid at /dev/fd/4 line 7.
> Insecure $ENV{CDPATH} while running setuid at /dev/fd/4 line 7.

No, this is a perl message. You are running tainted perl, please refer
to perl's documentation about tainting.

> unable print the right filename. I don't konw because of what it thinks
> that /dev/fd/* files are scripts to execute. But it's a matter of fact

Because that's how perl and intepreter execution is probably implemented
to avoid suid races in shell scripts.

vm was never designed to run suid root.