Secure setuid shell scripts

Bennet Yee bsy at PLAY.MACH.CS.CMU.EDU
Tue Oct 25 11:44:25 AEST 1988


In article <3969 at encore.UUCP> bzs at encore.com (Barry Shein) writes:
]From: terryl at tekcrl.CRL.TEK.COM
]>In article <4409 at bsu-cs.UUCP> dhesi at bsu-cs.UUCP (Rahul Dhesi) writes:
]>>If a 4.3BSD system has not been patched to disallow set-user-id shell
]>>scripts, but root uses no set-user-id scripts, does a security hole
]>>still exist that will allow an unprivileged user to obtain root
]>>privileges?
]>
]>     Yes. The problem is not that root uses a set-user-id shell script,
]>but that there exists anywhere in the file system a set-user-id shell
]>script THAT I CAN EXECUTE AS A MERE MORTAL (i.e. normal user). If such
]>a set-user-id shell script does exist, then in a matter of minutes
]>(depending on how fast I can type!!! (-:) I can become the id of that
]>shell script!!!!
]
]I think Rahul is asking the same question I asked and we're both being
]misunderstood (I've also gotten some private mail indicating a
]misunderstanding.)
]
]Rephrase: If there are NO setuid scripts on the entire system does
]there exist a bug which can be exploited?
]

If there are no setuid scripts on the entire system, there is no way that
somebody could break into the system using the setuid script bug.  If you
create your own script setuid to yourself, you'd only allow other people to
gain access to your account.

-bsy
-- 
Internet:	bsy at cs.cmu.edu		Bitnet:	bsy%cs.cmu.edu%smtp at interbit
CSnet:	bsy%cs.cmu.edu at relay.cs.net	Uucp:	...!seismo!cs.cmu.edu!bsy
USPS:	Bennet Yee, CS Dept, CMU, Pittsburgh, PA 15213-3890
Voice:	(412) 268-7571
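
The condition in the reply above (no setuid scripts anywhere on the system) can be verified with an audit like the one below. This is an added example, not part of the original post: the function names and the demo tree are constructed for illustration, and the check also reports setgid scripts.

```shell
#!/bin/sh
# Added example: report set-id files that are interpreter scripts.
# Run as root on a real system so that unreadable files can be inspected.

find_setid_scripts() {
    # $1: directory to audit (defaults to /); -xdev stays on one filesystem.
    find "${1:-/}" -xdev -type f \( -perm -4000 -o -perm -2000 \) \
        -exec sh -c '
            for f in "$@"; do
                # An interpreter script begins with the two bytes "#!".
                magic=$(dd if="$f" bs=2 count=1 2>/dev/null | tr -d "\000")
                if [ "$magic" = "#!" ]; then
                    printf "%s\n" "$f"
                fi
            done
        ' sh {} +
}

build_demo_tree() {
    # Constructed sample input: one setuid script, one ordinary script,
    # and one setuid file that is not a script. Prints the directory name.
    d=$(mktemp -d)
    printf '#!/bin/sh\necho hello\n' > "$d/suid_script"
    printf '#!/bin/sh\necho hello\n' > "$d/plain_script"
    printf '\177ELF constructed, not a real binary\n' > "$d/suid_binary"
    chmod 4755 "$d/suid_script" "$d/suid_binary"
    chmod 0755 "$d/plain_script"
    printf '%s\n' "$d"
}

demo=$(build_demo_tree)
find_setid_scripts "$demo"    # prints only the path ending in /suid_script
rm -rf "$demo"
```

An empty result from `find_setid_scripts /` on every local filesystem is the "no setuid scripts on the entire system" state the reply describes.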


