execute only and setuid/gid shell procedures
David Korn
dgk at ulysses.UUCP
Thu May 8 06:22:12 AEST 1986
I am seriously considering modifying Korn shell and adding a suid program
to handle shell scripts that have execute permission and no read
permission, and to handle setuid/setgid scripts without relying of
the operating system to look for the #! magic number. Since shell
procedures are supposed to behave like a.outs, why should read
permission be required anyway?
I have already closed the security holes created by the IFS, PATH and
SHELL variables, and profiles in ksh and I am reluctant to add this feature if
this creates new security holes. The implementation allows this feature
to be disabled at run time by an administrator.
Are there any other security problems with setuid/setgid shell scripts?
Is this feature worthwhile? Is there any reason why this hasn't been
implemented before? (Especially execute only scripts which don't seem
to create a security problem).
David Korn
ulysses!dgk
More information about the Comp.unix
mailing list