[TUHS] Set-uid shell scripts
Dave Horsfall
dave at horsfall.org
Wed Aug 7 08:48:59 AEST 2019
On Tue, 6 Aug 2019, jason-tuhs at shalott.net wrote:
[ Replacing a temporary set-uid file ]
> This was always described to me as the canonical reason why setuid
> interpreted scripts were a security hole, irrespective of any specifics
> in the shell or other interpreter.
It's a problem for any temporary files in a world-writable directory,
hence the extensions to directory permissions e.g. /tmp and /var/tmp...
Amusingly enough, the Mac works around this by symlinking /tmp to
private/tmp i.e. you get your own /tmp...
-- Dave
More information about the TUHS
mailing list