Return to BSD News archive
Received: by minnie.vk1xwt.ampr.org with NNTP id AA6646 ; Mon, 11 Jan 93 19:04:01 EST Path: sserve!manuel.anu.edu.au!dubhe.anu.edu.au!csis!munnari.oz.au!sgiblab!swrinde!cs.utexas.edu!uunet!mcsun!sun4nl!tuegate.tue.nl!svin09!wzv!gvr.win.tue.nl!guido From: guido@gvr.win.tue.nl (Guido van Rooij) Newsgroups: comp.unix.bsd Subject: Re: kern_execve.c (patch) Keywords: patch kern_execve.c #! Message-ID: <4347@wzv.win.tue.nl> Date: 12 Jan 93 22:03:47 GMT References: <1isforINNbb7@urmel.informatik.rwth-aachen.de> <4346@wzv.win.tue.nl> Sender: news@wzv.win.tue.nl Lines: 11 guido@gvr.win.tue.nl (Guido van Rooij) writes: >As I posted before, now it isn't dangerous anymore to put in suid/sgid >shell-script possibilities, since you can easily overcome the well-known >"linking to -i" bug, by altering the #! line into #!<shell> - This last is true, but I was wrong about saying that thsi solves all problems with suid/sgid scripts. Maybe someone else can take effort to change the code such that it doesn't pass the scripts name to the shell, but in stead opens the file and pass the file handle? -Guido