Home »
Archive »
Atari MiNT Mailing List »
Re: seduid scripts
Re: seduid scripts [message #6948] |
Tue, 23 March 1993 01:59 |
|
Originally posted by: steve@earth.ox.ac.uk
>How about a (setuid root) program that acts as a setuid server; i.e.
>whenever exec detects a #! as the first two characters of a file,
>it instead execs /bin/scripter (or whatever we want to call it) with
>the script file name as the first argument and the other parameters
>(if any) following it. /bin/scripter then checks the uid, gid, and
>permission bits, does appropriate setuid() and setgid() calls, and
>executes the interpreter (after performing any /->\ translations
>that are necessary).
>
>Obviously if the script is *not* setuid or setgid then exec can
>bypass /bin/scripter and just do the script directly.
This sounds an even more unholy mess than one incidence of / -> \ conversion
in the kernel! Anyway, it's just one more security hole, not that there
aren't one or two already! :-)
Steve
--
------------------------------------------------------------ ---------------
Computer Systems Administrator, Dept. of Earth Sciences, Oxford University.
E-Mail: steve@uk.ac.ox.earth (JANET) steve@earth.ox.ac.uk (Internet).
Tel:- Oxford (0865) 282110 (UK) or +44 865 282110 (International).
|
|
|
Goto Forum:
Current Time: Thu Mar 28 06:58:13 EDT 2024
Total time taken to generate the page: 0.05299 seconds