How secure are shell scripts? (summary)
Jim Burns
gt0178a at prism.gatech.EDU
Wed Oct 10 16:43:36 AEST 1990
in article <1576 at sirius.ucs.adelaide.edu.au>, mferrare at adelphi.ua.oz.au (Mark Ferraretto) says:
[quotes someone as saying]:
> Unless you are EXTREMELY careful, yes!
> Someone can set a path with, say, their home directory as first thing in path.
> They then copy 'sh' into their home directory and call it 'fred', where 'fred'
> is some command in the script. Next step, run script and get given an
> interactive, fully functioning shell as _root_!!!! Yuk.
Note that setuid ksh scripts on HP-UX 7.0 do an automatic 'set -p'
(protected) which, among other things, resets the PATH to something more
trusted (/bin and /usr/bin) and disables sourcing $ENV. This happens
whenever euid != uid. Doesn't solve all the problems, but it is a step in
the right direction.
--
BURNS,JIM
Georgia Institute of Technology, Box 30178, Atlanta Georgia, 30332
uucp: ...!{decvax,hplabs,ncar,purdue,rutgers}!gatech!prism!gt0178a
Internet: gt0178a at prism.gatech.edu
More information about the Comp.unix.questions
mailing list