Bugtraq mailing list archives

Re: setuid scripts in SunOS 4.1.x

From: jhawk () panix com (John Hawkinson)
Date: Fri, 23 Sep 1994 00:27:50 -0400 (EDT)

The best solution is to make sure you don't have suid shell scripts
Cops does a fine job in finding them for you so does:

find /   \( -type d -fstype nfs -prune \) -o -type f \( -perm -4001 -o -perm
 -4010 -o -perm -4100 -o -perm -2100 -o -perm -2010 -o -perm -2001 \)

If I remeber correctly SunOS 4.1.x is just one of those UNIX systems that
allows suid shell scripts. I don't think this will be 'fixed'.
But you can always try to mail security-alert () Sun COM.

Of course you can always mount your filesystems `nosuid'.


The "correct" thing to do is to patch kern_exec.c (kern_exec.o).
This is nontrivial if you don't have source. It's trivial
if you do (I don't). No one has done this publically as of yet.

Thinking about it, I wonder if the BSD kern_exec is "good enough".
If so, perhaps it could be substituted. Anyone? (Casper?)

--
John Hawkinson
jhawk () panix com

Current thread:

Re: setuid scripts in SunOS 4.1.x Richard Huddleston (Sep 21)
- <Possible follow-ups>
- Re: setuid scripts in SunOS 4.1.x Peter Jeremy (Sep 22)
- Re: setuid scripts in SunOS 4.1.x Colin Campbell (Sep 23)
  - Re: setuid scripts in SunOS 4.1.x John Hawkinson (Sep 22)
    - Re: setuid scripts in SunOS 4.1.x Karl Strickland (Sep 24)
    - Re: setuid scripts in SunOS 4.1.x Fred Blonder (Sep 26)
    - Re: setuid scripts in SunOS 4.1.x John Hawkinson (Sep 26)
    - Re: setuid scripts in SunOS 4.1.x Harold van Aalderen (Sep 27)
    - Re: setuid scripts in SunOS 4.1.x Rafi Sadowsky (Sep 27)
    - Re: setuid scripts in SunOS 4.1.x Paul O'Donnell (Sep 27)
    - Re: setuid scripts in SunOS 4.1.x Fred Blonder (Sep 27)
    - Re: setuid scripts in SunOS 4.1.x John Hawkinson (Sep 27)
    - Re: setuid scripts in SunOS 4.1.x Valdis.Kletnieks () vt edu (Apr 17)
    - Re: setuid scripts in SunOS 4.1.x jmc () gnu ai mit edu (Sep 28)

(Thread continues...)