setuid shell scripts
Maarten Litmaath
maart at cs.vu.nl
Sat Nov 5 12:10:41 AEST 1988
In article <850 at cantuar.UUCP> greg at cantuar.UUCP (G. Ewing) writes:
\Under how many of the following conditions does the problem
\still exist:
\
\ (A) The shell checks the owner and set{u,g}id bits of the
\ script it is about to execute to make sure it's okay.
Safe.
\ (B) The "shell" isn't a shell or interpreter at all, and
\ doesn't execute the script as a list of commands.
Safe.
\ (C) The "shell" consists of the following program:
\
\ main() {
\ }
Special case of 2.
\If any of these things prevent the problem, then I submit that
\removing the setuid-#! facility is wrong.
Questionable; every interpreter would have to take care of things, while
it should be the kernel who's getting them straight.
\Greg Ewing Internet: greg at cantuar.uucp
Family?
--
George Bush: |Maarten Litmaath @ VU Amsterdam:
Capt. Slip of the Tongue |maart at cs.vu.nl, mcvax!botter!maart
More information about the Comp.unix.wizards
mailing list