Bugtraq mailing list archives
Re: SUID shell scripts, questions?
From: Quentin.Fennessy () SEMATECH Org (Quentin Fennessy)
Date: Fri, 10 Feb 1995 21:27:27 -0600
Adam, you wrote:
setuid scripts are insecure because the interpreter (the shell) is not designed to be secure. Trying to patch it to make it secure is the wrong answer. The right answer is to build little setuid tools that do exactly and only what you need, such as the port20 tool mentioned in Cheswick & Bellovin.
Adam- I wonder if you would expand on this. I thought the basic problem with the idea of suid #!/bin/interpreter scripts is the race condition just described. What other basic problems exist with suid #! scripts that are unique to these scripts? My counter to your statement: Once the race condition is fixed then secure suid shell programming is no more a problem than is writing secure suid programs in C or perl or any other language. The issues that arise seem to come from not understanding the environment - things like IFS or the LD* variables or relative paths, etc. Quentin
Current thread:
- Re: IFS, (continued)
- Re: SUID shell scripts, questions? David A. Wagner (Feb 10)
- Re: SUID shell scripts, questions? Peter Wemm (Feb 11)
- Returned mail: Cannot send message for 2 days Mail Delivery Subsystem (Feb 11)
- Re: SUID shell scripts, questions? Casper Dik (Feb 11)
- Solaris 2.3-2.4 Audit Bug Dow Summers (Feb 11)
- Re: Solaris 2.3-2.4 Audit Bug Christopher Klaus (Feb 12)
- Re: SUID shell scripts, questions? Peter Wemm (Feb 11)