How secure are shell scripts?
Tiggr
rcpieter at svin02.info.win.tue.nl
Fri Sep 28 04:04:15 AEST 1990
mferrare at adelphi.ua.oz.au (Mark Ferraretto) writes:
|I want to write a program that all of our users will be accessing and the
|program may be suid to root so that certain users may write to a writeprotected
|directory. At the moment the program is a shell script and I want to know if
|this is less secure than writing C code. Either way the program would have
|the protection as 755 though there is no need for the users to read it.
755 isn't setuid. Nothing wrong with a non-setuid shell script. A setuid shell
script owned by root (world executable) enables ANY user to have a root shell
by typing two commands.
Tiggr
More information about the Comp.unix.questions
mailing list