setuid shell scripts

Maarten Litmaath maart at cs.vu.nl
Tue Nov 8 10:08:37 AEST 1988


In article <563 at uva.UUCP> dik at uva.UUCP (Casper H.S. Dik) writes:
\#!<shell> <full pathname of script>
\shift # throw away excess argument.
\
\should close the gap.

Very neat solution, but there's a problem: the total length of shell name +
argument should not exceed 32 chars :-(
(very C64-like indeed!)
Then there's SunOS' csh, which expects a `-b' flag to be the first argument,
instead of the full path name, when executing a setuid script.
Of course both problems could be fixed easily.
Furthermore there's the increased difficulty in maintaining setuid shell
scripts: when you move one, you mustn't forget to edit it...

\... It breaks, however, if the script can be removed/renamed by somebody
\who isn't the owner or the superuser.

Indeed, but that would be a strange situation (dumb mistake) in itself.
-- 
George Bush:                          |Maarten Litmaath @ VU Amsterdam:
             Capt. Slip of the Tongue |maart at cs.vu.nl, mcvax!botter!maart



More information about the Comp.unix.wizards mailing list