Home »
Archive »
Atari MiNT Mailing List »
Re: seduid scripts
| Re: seduid scripts [message #6951] |
Tue, 23 March 1993 07:09 |
|
|
Originally posted by: steve@earth.ox.ac.uk
>Steve writes:
>
>> > [about /bin/scripter]
>>
>> This sounds an even more unholy mess than one incidence of / -> \ conversion
>> in the kernel! Anyway, it's just one more security hole, not that there
>> aren't one or two already! :-)
>
>Why is that an security hole? `/bin/scripter' would be just another shell
>which happens to be setuid-root (just like `su').
It's just one more program which could be compromised.
>
>IMHO, having a script launcher is better than putting inconsistencies
>in the kernel.
Exec should preferably be an atomic action. Also, there is an implicit
assumption that you hold your executables in /bin. What if the script is for
something other than /bin/[c]sh, maybe you want to run /exec/bloggs/gruncher
and don't have a /bin on the current drive? Putting the parsing of the #!
magic number in the kernel would make the kernel self contained, and hence
less able to be totally fouled up by the half-clued or clueless.
You can never under estimate the intelligence of a user! :-)
>
>Michael
>--
>Internet: hohmuth@freia.inf.tu-dresden.de
>
Steve
--
------------------------------------------------------------ ---------------
Computer Systems Administrator, Dept. of Earth Sciences, Oxford University.
E-Mail: steve@uk.ac.ox.earth (JANET) steve@earth.ox.ac.uk (Internet).
Tel:- Oxford (0865) 282110 (UK) or +44 865 282110 (International).
|
|
|
|
Goto Forum:
Current Time: Sat Apr 20 02:27:58 EDT 2024
Total time taken to generate the page: 0.02161 seconds
Members
Search
Help
Register
Login
Home
