Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!henry From: henry@utzoo.UUCP (Henry Spencer) Newsgroups: net.unix Subject: Re: 2 shell questions before the new year Message-ID: <4894@utzoo.UUCP> Date: Wed, 9-Jan-85 12:59:30 EST Article-I.D.: utzoo.4894 Posted: Wed Jan 9 12:59:30 1985 Date-Received: Wed, 9-Jan-85 12:59:30 EST References: <6820@brl-tgr.ARPA>, <240@mtxinu.UUCP> Organization: U of Toronto Zoology Lines: 13 > The advantages of directly-execable scripts are two-fold. ... > ... Second, the set-uid and set-gid bits > are honored. Voila! Set-uid shell scripts! Of course, as we all (should) know, setuid shell scripts are terminally insecure. The shell is just too complex, and there are too many ways to subvert it into doing things that the author of a (setuid) shell script did not intend. There are things that will help, like being careful to standardize PATH and having your shell refuse to import a non-standard value of IFS, but those aren't the only problems. -- Henry Spencer @ U of Toronto Zoology {allegra,ihnp4,linus,decvax}!utzoo!henry