Secure setuid shell scripts
Maarten Litmaath
maart at cs.vu.nl
Wed Oct 26 19:25:54 AEST 1988
In article <303 at auspex.UUCP> guy at auspex.UUCP (Guy Harris) writes:
\>just one question. Is this problem a security hole for only BSD systems,
\>or does it exist on other SVID type systems or others?
\
\The one I know of would be a problem on non-BSD systems if they have the
\following features:
\
\ 1) "#!" - the ability for the kernel to recognize that an
\ executable file is really a shell (or other) script, and to run
\ the appropriate shell on it
\
\ 2) symbolic links (not necessary in all cases, but necessary to
\ make it work under arbitrary circumstances)
I don't need 2 at all! Just a bit patience will do...
--
Hippic sport: |Maarten Litmaath @ VU Amsterdam:
a contradiction in terms.|maart at cs.vu.nl, mcvax!botter!maart
More information about the Comp.unix.wizards
mailing list