Sv.2 suid bits

Guy Harris guy at sun.uucp
Fri Nov 29 07:09:54 AEST 1985


> > On SV.2 (3b2, pc7300 (Safari)) suid bits do not work on shell scripts.  Am
> > I just silly or don't I remember them working on 2 other UN*X-ish (TNIX,
> > XENIX) environments?
> 
> Suid bits on shell scripts don't work on any machine I have ever used. 
> This includes PDP-11/70, Vax, 3b20, U370, PC7300.  It is frustrating,
> but I have wound up making up a little C program which execs the shell. 
> The C program has the suid bit set...

Set-UID bits don't work on shell scripts, in general, because for them to
work the shell'd have to be running set-UID.  If you're running a shell as
yourself, and it tries to run a shell script which is set-UID to "root", how
would it be able to get "root"s privileges?  And if *it* could get root
privileges, what would prvent some program you wrote like

	main()
	{
		system("rm -rf /");
	}

from getting them as well?

In some systems (4.1BSD, 4.2BSD, Version 8, and some others which have added
this feature - originally concocted by Dennis Ritchie), you can have the
kernel detect a shell script and run a shell (or other interpreter) on that
script.  In this case, you *can* have set-UID shell scripts; the kernel is
trusted code (yuk yuk) and can give the shell it's firing off to run the
set-UID script the appropriate privileges.  However, there is a horrible
security hole in this; I think there's a fix, but I don't know if it closes
all the holes, and it involves changing any and all shells and other
interpreters - a minor change, but still a change, and you need source to
change it.  So don't set up set-UID shell scripts if you don't trust your
user population.

	Guy Harris



More information about the Comp.unix.wizards mailing list