Bugtraq mailing list archives

Re: SUID shell scripts, questions?


From: adam () bwh harvard edu (Adam Shostack)
Date: Fri, 10 Feb 1995 17:47:11 -0500 (EST)


You wrote:

| SUID shell scripts are traditionally insecure in unix environments. From
| my understanding, this is because when the kernel hits the #! magic
| number when executing the file, it then execs a shell and passes the 
[...]

| Now, since some on the list have the kern_exec.c code from the SunOS
| kernel (I'm sure SOMEONE kept a copy), shouldn't it be possible to 
| patch this source so that, combined with the /dev/fd filesystem, SunOS
| supports secure SUID scripts? It seems to me that it should be easy to

        setuid scripts are insecure because the interpreter (the
shell) is not designed to be secure.  Trying to patch it to make it
secure is the wrong answer.  The right answer is to build little
setuid tools that do exactly and only what you need, such as the
port20 tool mentioned in Cheswick & Bellovin.


Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
                                                       -Hume
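
Added example, not part of the message above and not the code of the port20 tool it names: a single-purpose setuid-root helper in C of the kind the reply recommends. It performs one compiled-in privileged operation, drops privileges permanently and fails closed. The port number, the worker path and the hand-off on descriptor 3 are assumptions made for illustration.

```c
/* Hypothetical single-purpose setuid-root helper: bind one compiled-in
 * privileged port, give up root for good, then exec one compiled-in
 * unprivileged program with the socket on descriptor 3. */
#include <arpa/inet.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

#define FIXED_PORT 20                       /* assumption: the only port served */
#define WORKER "/usr/local/libexec/worker"  /* assumption: hypothetical path */

/* Bind the single compiled-in port; nothing here comes from the caller. */
int bind_fixed_port(void) {
    struct sockaddr_in sa;
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    sa.sin_addr.s_addr = htonl(INADDR_ANY);
    sa.sin_port = htons(FIXED_PORT);
    if (bind(fd, (struct sockaddr *)&sa, sizeof sa) < 0) { close(fd); return -1; }
    return fd;
}

/* Return to the invoking user's ids, group first, then user.
 * Returns 0 only when the drop is verified to be permanent. */
int drop_privs(void) {
    uid_t ruid = getuid(), euid = geteuid();
    gid_t rgid = getgid();
    if (setgid(rgid) != 0 || setuid(ruid) != 0) return -1;
    if (geteuid() != ruid || getegid() != rgid) return -1;
    /* If we started with a different effective uid, regaining it must fail. */
    if (euid != ruid && setuid(euid) == 0) return -1;
    return 0;
}

int main(void) {
    static char *const envp[] = { "PATH=/usr/bin:/bin", NULL }; /* fixed environment */
    static char *const argv[] = { "worker", NULL };             /* no caller arguments */
    int fd = bind_fixed_port();          /* the one privileged operation */
    if (drop_privs() != 0) return 1;     /* fail closed if the drop fails */
    if (fd < 0) return 1;
    if (fd != 3 && (dup2(fd, 3) < 0 || close(fd) != 0)) return 1;
    execve(WORKER, argv, envp);          /* caller's environment is discarded */
    return 1;                            /* only reached if exec failed */
}
```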


