kernel recognizing #! scripts
jdb%s1-c at sri-unix.UUCP
jdb%s1-c at sri-unix.UUCP
Sat Mar 10 11:01:33 AEST 1984
It is true that the "magic number" #! allows setuid/setgid
command files to be executed. However, I do not trust them. This
is not superstition; I know of a couple of security holes that can
result. While there are ways to close these particular holes
I'm not confident enough of the underlying mechanism to believe
that there aren't other problems I haven't thought of.
I recommend the use of #! for non-setuid command files; it is very
useful for "make" and "awk". If you want something to be setuid,
though, I suggest that you use a real binary program.
--
John Bruner (S-1 Project, Lawrence Livermore National Laboratory)
MILNET: jdb at s1-c UUCP: ...!decvax!decwrl!mordor!jdb
More information about the Comp.unix.wizards
mailing list