2 shell questions before the new year
Hans Albertsson
hans at log-hb.UUCP
Mon Jan 14 05:45:53 AEST 1985
In article <7173 at brl-tgr.ARPA> gwyn at brl-tgr.ARPA (Doug Gwyn <gwyn>) writes:
>> Unless you've fixed your kernel, if you have setuid shell scripts you
>> have a security hole. Don't send me mail asking what it is.
>
>One should be careful for ANY security-related code to check for
>loopholes. This means, in C code, argc == 0, PATH=funny_places,
>signals in critical places, fd 0, 1, and/or 2 not opened, etc.
>For shell scripts, one should ALWAYS set PATH=wherever and if
>security-critical set IFS=standard_whitespace and catch traps.
Well, do all of that, and still do NOT use any set-uid shell scripts.
I had the bug demonstrated privately, and believe me, you should NOT
permit setuid shell scripts. Ever. Period.
No amount of defensive programming helps.
A fix may or may not be available at a later date, they tell me.
I have NO idea how that will be distributed, if ever.
Or by whom.
I've got it, I think ( hope? ), but won't spill.
--
Hans Albertsson, USENET/uucp: {decvax,philabs}!mcvax!enea!log-hb!hans
Real World: TeleLOGIC AB, Box 1001, S-14901 Nynashamn,SWEDEN
More information about the Comp.unix
mailing list