How secure are shell scripts? (summary)
Maarten Litmaath
maart at cs.vu.nl
Sat Oct 13 01:40:55 AEST 1990
In article <15059 at hydra.gatech.EDU>,
gt0178a at prism.gatech.EDU (Jim Burns) writes:
)in article <JIM.90Oct11150613 at baird.cs.strath.ac.uk>,
) jim at cs.strath.ac.uk (Jim Reid) says:
)
)> The hack by HP is precisely that: a hack. It fixes one or two possible
)> problems, but not them all. (For instance doing naughty things with
)> (symbolic) links to the setuid shell script or replacing the file as
)> it is being exec'ed....) The end result of that is a false illusion
)> that setuid ksh scripts are secure. Misguided individuals then make
)
)The first problem can be handled by starting w/'#!/bin/ksh -'.

That's _not_ enough.

)As for the
)second, I personally don't have the patience to sit there at adjoining
)terminals and try to swap files fast enough.

Why wouldn't you write a little C program or even a shell script? Jeez!

)It's like securing your car
)or home - all you can do is make it harder, not impossible. If it isn't
)setuid scripts that are being exploited, it will be something else.

No excuse for a lame quasi-solution.
These are _real_ solutions:
- write a C program instead;
- use a dispatcher that tries to locate the requested service in
  a database of setuid scripts;
- use my `indir' pseudo interpreter front end;
- acquire a UNIX version that's got the /dev/fd driver and uses
  that to launch the script.
--
"the C shell is flakier than a snowstorm." (Guy Harris)