setting SUID for scripts
Dave Olson
olson at anchor.esd.sgi.com
Mon Jul 30 13:04:17 AEST 1990
In <9007292052.AA21084 at ccu1.aukuni.ac.nz> russell at CCU1.AUKUNI.AC.NZ writes:
| >
| > I am trying to set the SUID on a shell script.
| > It appears beeing set with the ls command, but has no effect.
| > Is it the case on this system that one can only SUID on programs,and not
| > on scripts???
| >
| What release of Irix are you running? I beleive that SGI have done something
| that affects suid on shell scripts at 3.3. This is because it is a known
| loophole in unix security. At 3.3 I think that it is a kernal option and that
| it will be removed altogether at V.4.
Yes, it is disabled by default as shipped, and the few shell scripts
in the release that required it were rewritten or replaced by
binaries. See the variable 'nosuidshells' in /usr/sysgen/master.d/kernel.
As far as I know, we have no intentions of completely dropping
support for setuid scripts, even if/when we pick up the V.4
features.
In 3.2 setuid scripts were supported with no way to disable them.
--
Dave Olson
Life would be so much easier if we could just look at the source code.
More information about the Comp.sys.sgi
mailing list