Re: setuid scripts in SunOS 4.1.x

Paul O'Donnell (pod@morgan.com)
Tue, 27 Sep 1994 11:26:05 -0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Fred Blonder: "Re: setuid scripts in SunOS 4.1.x"
Previous message: Peter Jeremy: "Re: setuid scripts in SunOS 4.1.x"
In reply to: Fred Blonder: "Re: setuid scripts in SunOS 4.1.x"
Next in thread: Fred Blonder: "Re: setuid scripts in SunOS 4.1.x"

Fred Blonder reckons:
>Ummm, then how's it going to cope with set-uid perl scripts, which ARE
>rumored to be secure?  You could have a table of 'ok shell
>interpreters' in the kernel, but that would be extremely ugly.
>
>Since the problem is in /bin/sh, that is where it should be solved, or
>at least avoided.  If you across-the-board disable all set-uid shell
>interpreters, that will infuriate the few who do it right, and remove

Bzzzt, thank you for playing.  Some of the problems are in /bin/sh.
The most disturbing problem is a race condition in the kernel
between the permissions check (which assigns the effective uid) and
the opening of the file by the interpreter.  This race condition
can be exploited to subvert secrity.

Perl requires a C wrapper to run setuid, the wrapper is not subject
to the race condition.

Next message: Fred Blonder: "Re: setuid scripts in SunOS 4.1.x"
Previous message: Peter Jeremy: "Re: setuid scripts in SunOS 4.1.x"
In reply to: Fred Blonder: "Re: setuid scripts in SunOS 4.1.x"
Next in thread: Fred Blonder: "Re: setuid scripts in SunOS 4.1.x"