Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!watmath!clyde!burl!ulysses!mhuxl!ihnp4!zehntel!hplabs!sri-unix!jdb@s1-c
From: jdb%s1-c@sri-unix.UUCP
Newsgroups: net.unix-wizards
Subject: Re: kernel recognizing #! scripts
Message-ID: <17378@sri-arpa.UUCP>
Date: Fri, 9-Mar-84 20:01:33 EST
Article-I.D.: sri-arpa.17378
Posted: Fri Mar  9 20:01:33 1984
Date-Received: Tue, 13-Mar-84 00:44:37 EST
Lines: 13

It is true that the "magic number" #! allows setuid/setgid
command files to be executed.  However, I do not trust them.  This
is not superstition; I know of a couple of security holes that can
result.  While there are ways to close these particular holes
I'm not confident enough of the underlying mechanism to believe
that there aren't other problems I haven't thought of.

I recommend the use of #! for non-setuid command files; it is very
useful for "make" and "awk".  If you want something to be setuid,
though, I suggest that you use a real binary program.
--
  John Bruner (S-1 Project, Lawrence Livermore National Laboratory)
  MILNET: jdb@s1-c	UUCP: ...!decvax!decwrl!mordor!jdb