setuid shell scripts
Keith Bostic
bostic at ucbvax.BERKELEY.EDU
Thu Jun 2 07:08:48 AEST 1988
In article <19045 at watmath.waterloo.edu>, gamiddleton at watmath.waterloo.edu (Guy Middleton) writes:
> The following recently showed up in comp.bugs.4bsd.ucb-fixes:
>
> From: bostic at OKEEFFE.BERKELEY.EDU (Keith Bostic)
> Subject: setuid/setgid shell scripts are a security risk
> Index: sys/kern_exec.c 4.3BSD
>
> This seems unnecessarily drastic action. We know what the problems with
> setuid shell scripts are; there is a simple kernel change to fix them (or
> at least, it fixes the problems we are aware of). Why not fix the problem,
> instead of removing a useful feature from the system?
The kernel fix that you (and other people) are proposing does not fix
this particular problem.
--keith
-
-
-
-
-
-
More information about the Comp.unix.wizards
mailing list