setuid shell scripts

[G. Ewing]

Sigh... confusion still abounds. I have received various replies
of the form:

Maarten Litmaath (maart at cs.vu.nl) writes:
>In article <850 at cantuar.UUCP> greg at cantuar.UUCP (G. Ewing) writes:
>\   (A)	The shell checks the owner and set{u,g}id bits of the
>Safe.
>\   (B)	The "shell" isn't a shell or interpreter at all, and
>Safe.
>\   (C)	The "shell" consists of the following program:
>Special case of 2.

On the other hand, I've also had replies such as
(sorry, I don't know the sender's name in real life):

>From: <watmath!clyde!ulysses!smb>
>None of those things prevent the bug, I'm afraid, not singly, and not
>in combination.

and Chris Torek indicated in an earlier posting that there was a
problem that was *completely independent* of shell semantics.
Presumably this means that it doesn't matter if the shell isn't
a shell.

Maarten Litmaath again:
>\removing the setuid-#! facility is wrong.
>Questionable; every interpreter would have to take care of things, while
>it should be the kernel who's getting them straight.

I'd be quite happy for the kernel to do it right. I was just saying that
disabling the facility altogether might be overkill.

Or it might not.

Can you shed any light, Chris?

Greg Ewing				Internet: greg at cantuar.uucp
Spearnet: greg at nz.ac.cantuar		Telecom: +64 3 667 001 x8357
UUCP:	  ...!{watmath,munnari,mcvax,vuwcomp}!cantuar!greg
Post:	  Computer Science Dept, Univ. of Canterbury, Christchurch, New Zealand
Disclaimer: The presence of this disclaimer in no way implies any disclaimer.