Set-uid shell scripts (Don't do it + apology)
Maarten Litmaath
mcvax!cs.vu.nl!maart at uunet.uu.net
Sat May 6 07:46:57 AEST 1989
will%robots.oxford.ac.uk at nss.cs.ucl.ac.uk (Will Dickson) writes:
\... there is no secure interpreter, as there is a
\problem in the kernel rather than in the interpreters themselves which can
\be exploited (< 20 lines of plain C, with standard UNIX calls) to break
\any suid script.
^^^
Simply not true. Use setuid(1) and you're out of trouble. The source and
manual can be acquired from the comp.sources.misc archives or by emailing
me.
\There are a few problems with my posting, one of which
\hasn't been mentioned (but hinted at by Henry Spencer in v7n218): csh
^^^^^^
He could have been specific, for the essential problem has been revealed
about nine months ago in comp.unix.wizards (yes, by me). I've got a
detailed description on-line.
"If it isn't aesthetically pleasing, |Maarten Litmaath @ VU Amsterdam:
it's probably wrong." (jim at bilpin). |maart at cs.vu.nl, mcvax!botter!maart
More information about the Comp.sys.sun
mailing list