ruby 1.8.5 and 1.9
I have a script that I am trying to run as setuid. I’ve created a
simple C wrapper program for it that calls exec and invokes the
This wrapper program is set to another user (not root), chmod 4755.
The directory where the wrapper and script is chowned to root, with
The script runs fine, with a taint level of 1.
in `require’: Insecure operation - require (SecurityError)
as if the string was tainted. Unfortunately, ruby does not seem too
helpful in explaining what the issue is.
I also replaced the script with a two line script in Perl, and Perl
allows me to require any of its modules just fine.