Re: [PATCH] config option for suid scripts

From: H. Peter Anvin (hpa@zytor.com)
Date: Wed Jun 07 2000 - 06:09:56 EST


Followup to: <8853141@sneezy.Dartmouth.ORG>
By author: Preston.F.Crow.Adv94@Alum.Dartmouth.ORG (Preston F. Crow Adv94)
In newsgroup: linux.dev.kernel
>
> Yes, I know that it would be an understatement to say that people don't
> like the idea of suid scripts from a security standpoint, but in some
> environments, enabling them would be very useful (such as when migrating
> from another Unix that uses them) and relatively safe (such as when all
> users have the root password). Anyway, having it as a config option that
> would be turned off in standard distributions shouldn't be a problem.
>
> Hence, I've written a patch to do just that. It's one line of added code,
> and a bunch of configuration file updates. The patch is against
> 2.2.16-pre4, but has worked with 2.2.15 and 2.2.16-pre8, though the line
> numbers are different. I suspect it will work with most later 2.2 kernels.
>

You *do* know that this patch is functionally equivalent to setting
/bin/sh setuid root, right?

A much better way to do this is to create a setuid wrapper C program
(call it, say /bin/suidsh) *which sanitizes your environment*, opens a
file descriptor, fstats() the file, checks its permissions and then
calls sh with /proc/self/fd/<filedescriptor> as the script name.

Perl has been using this method -- except integrated better -- to
support setuid Perl scripts for ages.

There is also the sudo command.

      -hpa

-- 
<hpa@transmeta.com> at work, <hpa@zytor.com> in private!
"Unix gives you enough rope to shoot yourself in the foot."




This archive was generated by hypermail 2b29 : Wed Jun 07 2000 - 21:00:28 EST