setuid shell scripts
Guy Middleton
gamiddleton at watmath.waterloo.edu
Thu May 26 02:37:51 AEST 1988
The following recently showed up in comp.bugs.4bsd.ucb-fixes:
From: bostic at OKEEFFE.BERKELEY.EDU (Keith Bostic)
Subject: setuid/setgid shell scripts are a security risk
Index: sys/kern_exec.c 4.3BSD
Description:
Setuid/setgid shell scripts have inherent problems that
may be used to violate security. These problems cannot
be fixed without completely revising the semantics of
executable shell scripts.
Fix:
Panel your office in asbestos, and apply the following patch
to sys/kern_exec.c.
[ followed by a patch to disable setuid shell scripts ]
This seems unnecessarily drastic action. We know what the problems with
setuid shell scripts are; there is a simple kernel change to fix them (or
at least, it fixes the problems we are aware of). Why not fix the problem,
instead of removing a useful feature from the system?
-Guy Middleton, University of Waterloo Institute for Computer Research
gamiddleton at math.waterloo.edu, watmath!gamiddleton "nobody uses it, anyway"
More information about the Comp.unix.wizards
mailing list