[TUHS] Set-uid shell scripts

Dave Horsfall dave at horsfall.org
Wed Aug 7 08:48:59 AEST 2019

On Tue, 6 Aug 2019, jason-tuhs at shalott.net wrote:

[ Replacing a temporary set-uid file ]

> This was always described to me as the canonical reason why setuid 
> interpreted scripts were a security hole, irrespective of any specifics 
> in the shell or other interpreter.

It's a problem for any temporary files in a world-writable directory, 
hence the extensions to directory permissions e.g. /tmp and /var/tmp...

Amusingly enough, the Mac works around this by symlinking /tmp to 
private/tmp i.e. you get your own /tmp...

-- Dave

More information about the TUHS mailing list