Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!henry From: henry@utzoo.UUCP (Henry Spencer) Newsgroups: net.unix-wizards Subject: Re: magic numbers Message-ID: <3616@utzoo.UUCP> Date: Sat, 10-Mar-84 19:46:18 EST Article-I.D.: utzoo.3616 Posted: Sat Mar 10 19:46:18 1984 Date-Received: Sat, 10-Mar-84 19:46:18 EST References: <2639@alice.UUCP> opus.199, <1094@utah-gr.UUCP> Organization: U of Toronto Zoology Lines: 16 Yup, #! in the kernel permits setuid shell scripts. I'm not sure that this is a virtue, considering that people seem to be unaware of the simply appalling number of security holes this opens up. If you think about the consequences of feeding a setuid shell file a non- standard value of the IFS variable, with some suitably-named programs lying around ready and waiting, you will have some idea of the sort of things I'm referring to. Shell files simply are not in a good position to handle things like this; the interpretation process for them is too complex and there is too little control over it. This does not mean that I'm opposed to #! in the kernel, just that setuid shell scripts seem a very weak justification for it, given that they are grossly unsafe. -- Henry Spencer @ U of Toronto Zoology {allegra,ihnp4,linus,decvax}!utzoo!henry