setting SUID for scripts

Vernon Schryver vjs at rhyolite.wpd.sgi.com
Sat Aug 4 09:31:38 AEST 1990


In article <3795 at auspex.auspex.com>, guy at auspex.auspex.com (Guy Harris) writes:
] >As far as I know, we have no intentions of completely dropping
] >support for setuid scripts, even if/when we pick up the V.4
] >features.
] 
] Given that S5R4 includes support for setuid scripts, complete with the
] "standard" fix for what is probably the most (in)famous security hole
...


How do you close the main hole without changing the shells themselves?
Given 3rd party shells such as bash and ksh, how do you close the hole?
What about "shells scripts" with an initial line like "#!/bin/make -f"?
(Yes, MAKEDEV is not suid.)

I'm referring to the hole caused by the shell reopening the file rather
than use the same FD that was validated by exec.c while it was parsing
#! line.

What is the "standard fix?"  Does it require /dev/{stdin,fd,etc}?


Vernon Schryver
vjs at sgi.com



More information about the Comp.sys.sgi mailing list