Firewall Wizards mailing list archives

Re: High ranking lusers

From: Henry Hertz Hobbit <hhhobbit () icarus weber edu>
Date: Sat, 18 Apr 1998 16:17:23 -0600 (MDT)

On Thu, 16 Apr 1998 carson () tla org wrote:

Little Boss:  The Big Boss wants a shell script to be setuid root.


2) Setuid shell scripts (at least /bin/sh ones) are secure in many modern
operating systems, such as Solaris 2.x, thanks to /dev/fd


No they aren't secure, at least as a general rule. You can't easily
change what a binary does without actually replacing the binary.
With a shell script, all kinds of possibilities exist. If you can
exit to a shell the possibility of gaining unauthorized root access
exists. Trojan statements can be inserted in the shell file to cause
damage. What does the floppy device have to do with anything???

3) If (1) and (2) fail to make you modify your policy, you can always
make him code a setuid wrapper in C, instead of shell.


This is *much* more preferable. Depends on the size of the shell
script, but do *NOT* have any system() functions in the code since
this is almost as bad as a shell file. If you can somehow shell out,
(or invoke a shell from the program) you are again gaining root
access.


HHH

Current thread:

High ranking lusers Anonymous (Apr 16)
- Re: High ranking lusers Paul D. Robertson (Apr 17)
- Re: High ranking lusers Bennett Todd (Apr 17)
- Re: High ranking lusers carson (Apr 17)
  - Re: High ranking lusers Henry Hertz Hobbit (Apr 19)
    - Re: High ranking lusers carson (Apr 19)
    - Re: High ranking lusers Chip Christian (Apr 20)
    - Re: High ranking lusers Henry Hertz Hobbit (Apr 20)
- Re: High ranking lusers Rick Smith (Apr 17)
- <Possible follow-ups>
- Re: High ranking lusers David Collier-Brown (Apr 21)