Secure setuid shell scripts
Maarten Litmaath
maart at cs.vu.nl
Thu Oct 27 23:41:05 AEST 1988
In article <307 at lakart.UUCP> dg at lakart.UUCP (David Goodenough) writes:
\...
\#! /bin/sh -
\...
\This closes up the security hole very nicely here (unless there's some
\sneaky way of getting in that I didn't know about).
There's still another way (keyword: race condition).
BTW, our 4.3BSD /bin/sh doesn't stop searching for flags after the `-'.
\Incidentally, lakart
\is BSD4.3, so we DO have symbolic links: it was suggested that if no
\symbolic links existed, then by denying write permission to general users
\on all filesystems where suid 0 reside the problem could be reduced.
That's correct, but a bit inconvenient: no setuid scripts on /usr (/usr/tmp).
--
George Bush: |Maarten Litmaath @ VU Amsterdam:
Capt. Slip of the Tongue |maart at cs.vu.nl, mcvax!botter!maart
More information about the Comp.unix.wizards
mailing list