A security hole
Johannes Heuft
jh at pcsbst.UUCP
Tue Mar 8 20:43:47 AEST 1988
In general: using system(3) or popen(3) inside a set-uid-on-exec
program is a severe security violation. Please believe guys
how know about it. If I would tell why, everybody could crack a
SVR2 within a four-line shell script! AT&T did a lot for
fixing this security hole in SVR3.*
For the same reason set-uid shell scripts should be outlawed (in BSD4.*).
Note, that getcwd(3) still calls popen("/bin/pwd" ...). Use getpwd()
if this routine is available.
More information about the Comp.bugs.sys5
mailing list