Return to BSD News archive
Path: sserve!manuel.anu.edu.au!munnari.oz.au!spool.mu.edu!olivea!uunet!mcsun!Germany.EU.net!tools!ws From: ws@tools.de (Wolfgang Solfrank) Newsgroups: comp.unix.bsd Subject: Re: [386bsd] Fix for kern_execve to allow suid/sgid shellscipts Message-ID: <WS.92Dec8150947@kurt.tools.de> Date: 8 Dec 92 23:09:47 GMT References: <4165@wzv.win.tue.nl> <veit.723491073@du9ds3> <19694@ksr.com> <4171@wzv.win.tue.nl> Organization: TooLs GmbH, Bonn, Germany Lines: 11 NNTP-Posting-Host: kurt.tools.de In-reply-to: guido@gvr.win.tue.nl's message of 6 Dec 92 18:09:25 GMT In article <4171@wzv.win.tue.nl> guido@gvr.win.tue.nl (Guido van Rooij) writes: So if you add this code to the kernel, make sure thatb when you make a suid/guid shell script, you use it only for yourself and mask away all group/world permissions. NEVER use it for general purpose /usr/bin applications. Why should I need a script (or any other executable) with permission rws------? If noone but the owner can execute the script, when he runs it he does have the requested uid anyway :-). -- ws@tools.de (Wolfgang Solfrank, TooLs GmbH) +49-228-985800