Return to BSD News archive
Path: sserve!manuel.anu.edu.au!munnari.oz.au!network.ucsd.edu!dog.ee.lbl.gov!overload.lbl.gov!agate!spool.mu.edu!olivea!uunet!mcsun!sun4nl!tuegate.tue.nl!svin09!wzv!gvr.win.tue.nl!guido From: guido@gvr.win.tue.nl (Guido van Rooij) Newsgroups: comp.unix.bsd Subject: Re: [386bsd] Fix for kern_execve to allow suid/sgid shellscipts Message-ID: <4171@wzv.win.tue.nl> Date: 6 Dec 92 18:09:25 GMT References: <4165@wzv.win.tue.nl> <veit.723491073@du9ds3> <19694@ksr.com> Sender: news@wzv.win.tue.nl Lines: 29 jfw@ksr.com (John F. Woods) writes: #>veit@du9ds3 (Holger Veit) writes: #>>In <4165@wzv.win.tue.nl> guido@gvr.win.tue.nl (Guido van Rooij) writes: #>>>I noticed that suid/sgid shellscripts dont work with the current #>>>kern_execve.c. I made a quick hack to do so. #>>>Whenever a shellscript is found, the shell inherits the uid/gid #>>>(if one of the sbits was set of course). It's a quick hack #>>>as I said, but it works (so it seems ;-)) #>>>Comments are welcome. #>>No criticism of your code, but: there have been endless discussions about #>>the possible security leak that is opened by a badly-written suid #>>shellscript. Is this something we could really want? # #>Set-uid scripts are often extremely handy. Perhaps this could be made an #>option which could be enabled and disabled by a script that would also install #>a script which takes advantage of the hole and informs you of this fact to #>remind you of the dangers ;-). # They are handy, that's why I wrote that piece of code. However due to the fact that the name of the shell script is passed to the shell, you can quickly link it to another file and gain root privs. However, this is only possible if the you could run the suid/guid shellscript in the first place. So if you add this code to the kernel, make sure thatb when you make a suid/guid shell script, you use it only for yourself and mask away all group/world permissions. NEVER use it for general purpose /usr/bin applications. -Guido