setting SUID for scripts
Guy Harris
guy at auspex.auspex.com
Tue Jul 31 04:02:24 AEST 1990
>As far as I know, we have no intentions of completely dropping
>support for setuid scripts, even if/when we pick up the V.4
>features.
Given that S5R4 includes support for setuid scripts, complete with the
"standard" fix for what is probably the most (in)famous security hole
(although there may well be other holes; when you're dealing with a
shell, you're dealing with a fairly big program, and there may well be,
umm, *interesting* combinations of individually-reasonable features that
open holes in set-UID scripts), I'd expect you wouldn't drop support for
them....
More information about the Comp.sys.sgi
mailing list