Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.2 9/18/84; site brl-tgr.ARPA Path: utzoo!watmath!clyde!burl!ulysses!allegra!bellcore!decvax!genrad!teddy!panda!talcott!harvard!seismo!brl-tgr!tgr!ron@BRL-TGR From: Ron NatalieNewsgroups: net.unix-wizards Subject: Re: Security and set[ug]id shell scripts Message-ID: <7462@brl-tgr.ARPA> Date: Thu, 17-Jan-85 11:18:04 EST Article-I.D.: brl-tgr.7462 Posted: Thu Jan 17 11:18:04 1985 Date-Received: Sun, 20-Jan-85 06:14:49 EST Sender: news@brl-tgr.ARPA Organization: Ballistic Research Lab Lines: 24 System V does not honor the setuid bits on shell files. 4.2 Does not honor the setuid bits on shell files. This is because shell files are data, to be input to another program rather than things that get processed by the "exec" system call which is where setuid bits are dealt with. 4.2 does have a mechanism that if the magic number of a file happens to correspond to "#!" the kernel then reads for the rest of the line and uses that as the program to exec. The setuid bits get applied to that program (not necessarily the shell). The standard input gets redirected to the file (the manual is wrong). Any time a setuid program is going to do things like invoking the shell, it is going to have to be careful. Most cases are not a defect in the shell. If you only have a binary license, get rid of setuid files begining with "#!". Carefully redo what they do in a real execed program wathching out for pitfalls. How about a little software design methodology here? Of course, with trully execed (non-#!) programs you have no recourse than to beat on the people you got your UNIX from if they do dumb things in setuid programs. -Ron