Bugtraq mailing list archives
Re: Setuid programs run from shell scripts?
From: karl () bagpuss demon co uk (Karl Strickland)
Date: Wed, 16 Nov 1994 08:55:48 +0000 (GMT)
text deleted... (Not to get into the set-UID shell-script argument again. ;-) Clearly, the set-UID bit on one or the other must take precedence. Someone, somewhere decided that it would be the set-UID bit on the script. This was maybe the wrong decision, but it's the one we're stuck with, for the moment at least. -----Fred- A shell script runs under the uid of the account executing it. I don't think there is any way for a script or any other subprocess to know whether it is being executed by any given account or by an account using a setuid program.
isnt that what real & effective uid's are for?!
So the script suid has to take preference.
why?! i dont follow the logic.
Unless you ignore suid on scripts altogether. Quentin
--
------------------------------------------+-----------------------------------
Mailed using ELM on FreeBSD | Karl Strickland
PGP 2.3a Public Key Available. | Internet: karl () bagpuss demon co uk
|
Current thread:
- just bitten by the babbling talk's Eric Berggren (Nov 08)
- Re: just bitten by the babbling talk's Steinar Haug (Nov 09)
- /dev/ttyd crashes SunOS? Dave Horsfall (Nov 10)
- Re: /dev/ttyd crashes SunOS? Dave Horsfall (Nov 14)
- Setuid programs run from shell scripts? Michael Neuman (Nov 14)
- Re: Setuid programs run from shell scripts? Fred Blonder (Nov 15)
- Re: Setuid programs run from shell scripts? Quentin Fennessy (Nov 15)
- Re: Setuid programs run from shell scripts? Karl Strickland (Nov 16)
- Re: Setuid programs run from shell scripts? Julian Assange (Nov 17)
- Re: Setuid programs run from shell scripts? Justin J. Lister (Nov 18)
- archives Matthew Harding (Nov 25)
- archives of this list Matthew Harding (Nov 25)