Return to BSD News archive
Newsgroups: comp.unix.bsd.freebsd.misc
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.mel.connect.com.au!munnari.OZ.AU!news.hawaii.edu!ames!hookup!gatech!newsfeed.internetmci.com!in2.uu.net!news.new-york.net!ritz.mordor.com!bet
From: bet@ritz.mordor.com (Bennett Todd)
Subject: Re: execve() ignores shell script setuid bit
Organization: Mordor International - Jersey City, NJ
Message-ID: <DLpKsB.FF1@ritz.mordor.com>
References: <30FEC809.167EB0E7@lasorda.princeton.edu> <ufrawpqvi2.fsf@cumulus.sky.bln.sub.org>
Date: Wed, 24 Jan 1996 23:19:22 GMT
Lines: 28
>Most probably a feature. If it worked, it would be bug. SetUID scripts
>are a first-rate no-no; shells are just too easily tricked.
Many "shells" are easily tricked. Not all. The reason setuid scripts used to
be intractibly insecure had to do with how execve() invoked #!-magic
scripts. Modern Unixes, with /dev/fd, can fix this. I'd say it's a bug;
#!-magic should be able to be setuid.
>Write a C program instead. Or use perl.
You'll have to make an executable with a compiled language like C. You can't
use perl --- it's a #!-magic scripting language. You _can_ make a trivial C
wrapper that just immediately execs the actual script --- e.g.
#include <stdio.h>
#include <unistd.h>
int main(int argc, char **argv) {
(void) execv("name of file with script", argv);
(void) perror(argv[0]);
return(-1);
}
(untested). Compile that, make _it_ setuid, and invoking it will be like
invoking the script if setuid #!-magic worked.
--
-Bennett
bet@mordor.com
<URL:http://www.mordor.com/bet/>