Secure setuid shell scripts
Rahul Dhesi
dhesi at bsu-cs.UUCP
Tue Oct 25 22:03:26 AEST 1988
The set-user-id shell script bug, they say, lies in the semantics of
the file system itself. Very well:
In article <14139 at mimsy.UUCP> chris at mimsy.UUCP (Chris Torek) adds:
>...there is a way to have set-ID scripts without having
>the kernel do it: you make the interpreter itself set-ID, and have it
>check the ID on the script.
Which naturally leads me to wonder: The semantics of the filesystem
are presumably not dependent on whether the kernel handles set-uid
scripts or the set-uid interpreter does (or are they?). Does the same
security hole exist when a shell, which has been made made set-uid to
root, executes a set-uid scrpt without the kernel's help?
--
Rahul Dhesi UUCP: <backbones>!{iuvax,pur-ee}!bsu-cs!dhesi
More information about the Comp.unix.wizards
mailing list