setuid shell scripts
Casper H.S. Dik
dik at uva.UUCP
Mon Nov 7 23:11:22 AEST 1988
Hi there,
I might be wrong. But in SunOS 3.4 modifying your setuid-scripts:
from
#!<shell>
to
#!<shell> <full pathname of script>
shift # throw away excess argument.
should close the gap.
This should work on all un*x systems whose kernel interprets an optional first
argument. This method guarantees the correct argument will be supplied to
the shell. It breaks, however, if the script can be removed/renamed by somebody
who isn't the owner or the superuser.
To find out wether your kernel does or doesn't allow for an extra argument
try the script:
#!/bin/echo yes
If this script echoes 'yes <scriptname>' you're in luck.
(It should echo <scriptname> in other cases, of course)
(It seems to work in 4.3BSD as well, but I couldn't find it in the docs)
____________________________________________________________________________
Casper H.S. Dik
University of Amsterdam | dik at uva.uucp
The Netherlands | ...!uunet!mcvax!uva!dik
More information about the Comp.unix.wizards
mailing list