System V Release 4 ...
Brandon S. Allbery
allbery at ncoast.UUCP
Thu Oct 20 01:25:38 AEST 1988
As quoted from <467 at gould.doc.ic.ac.uk> by brwk at doc.ic.ac.uk (Bevis King):
+---------------
| I interpretted the above to mean "setuid/setgid" shells can only be run
| by the default shell, and any attempt to change from that results in the
| setuid/setgid being ignored.
+---------------
Shell scripts probably -- HOPEFULLY -- cannot be suid/sgid. ALLOWING SETUID
SHELL SCRIPTS IS A SECURITY HOLE. It's notable that Berkeley itself has
sent out a "mandatory" BSD patch which disables setuid on "#!" executables.
On the other hand, your Sun-blinded friend is probably incurable. [ 1/2 ;-) ]
++Brandon
--
Brandon S. Allbery, comp.sources.misc moderator and one admin of ncoast PA UN*X
uunet!hal.cwru.edu!ncoast!allbery <PREFERRED!> ncoast!allbery at hal.cwru.edu
allbery at skybridge.sdi.cwru.edu <ALSO> allbery at uunet.uu.net
comp.sources.misc is moving off ncoast -- please do NOT send submissions direct
(But the aliases are NOT on UUNET yet, use the aliases at backbone sites!)
More information about the Comp.unix.wizards
mailing list