Return to BSD News archive
Path: sserve!manuel.anu.edu.au!munnari.oz.au!sgiblab!sdd.hp.com!cs.utexas.edu!usc!sol.ctr.columbia.edu!caen!uunet!mcsun!sun4nl!tuegate.tue.nl!svin09!wzv!gvr.win.tue.nl!guido
From: guido@gvr.win.tue.nl (Guido van Rooij)
Newsgroups: comp.unix.bsd
Subject: [386bsd] Fix for kern_execve to allow suid/sgid shellscipts
Message-ID: <4165@wzv.win.tue.nl>
Date: 3 Dec 92 20:36:11 GMT
Sender: news@wzv.win.tue.nl
Organization: Guido's home 486 box
Lines: 75
I noticed that suid/sgid shellscripts dont work with the current
kern_execve.c. I made a quick hack to do so.
Whenever a shellscript is found, the shell inherits the uid/gid
(if one of the sbits was set of course). It's a quick hack
as I said, but it works (so it seems ;-))
Comments are welcome.
The diff is made with the patchkit (1 to 58) installed.
-Guido
---------------
*** kern_execve.c Thu Dec 3 21:33:22 1992
--- kern_execve.c~ Fri Oct 16 11:07:51 1992
***************
*** 114,124 ****
struct exec ex_hdr;
} exdata;
int indir = 0;
- /* Implement set userid/groupid for shell scripts as well,
- *
- * G. van Rooij, 3 dec 1992
- */
- int inh_suid = 0, inh_sgid = 0, inh_va_uid,inh_va_gid;
/*
* Step 1. Lookup filename to see if we have something to execute.
--- 114,119 ----
***************
*** 153,175 ****
goto exec_fail;
}
- /* Implement set userid/groupid for shell scripts as well,
- *
- * G. van Rooij, 3 dec 1992
- */
- if(indir) {
- /* Force the attributes to the saved ones of the shell (if the shell was
- * suid/guid of course..
- */
- if(inh_suid) {
- attr.va_uid = inh_va_uid;
- attr.va_mode |= VSUID;
- }
- if(inh_sgid) {
- attr.va_gid = inh_va_gid;
- attr.va_mode |= VSGID;
- }
- }
/*
* Step 2. Does the file contain a format we can
* understand and execute
--- 148,153 ----
***************
*** 227,244 ****
ndp->ni_dirp = shellname; /* find shell interpreter */
ndp->ni_segflg = UIO_SYSSPACE;
- /* Implement set userid/groupid for shell scripts as well,
- *
- * G. van Rooij, 3 dec 1992
- */
- if (attr.va_mode&VSUID) {
- inh_suid = 1;
- inh_va_uid=attr.va_uid;
- }
- if (attr.va_mode&VSGID) {
- inh_sgid = 1;
- inh_va_gid=attr.va_gid;
- }
goto again;
}
--- 205,210 ----