Re: setuid scripts in SunOS 4.1.x

John Hawkinson (jhawk@panix.com)
Wed, 28 Sep 1994 01:02:48 -0400 (EDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Pat Myrto: "Security Info (root broken)"
Previous message: Rafi Sadowsky: "Re: setuid scripts in SunOS 4.1.x"
In reply to: Fred Blonder: "Re: setuid scripts in SunOS 4.1.x"
Next in thread: Valdis.Kletnieks@vt.edu: "Re: setuid scripts in SunOS 4.1.x"

> Well, now that I've been trounced upon by several of you folks,  ;-) I
> realize that that by 'fixing the kernel' I was (mistakenly) assuming
> that what was meant was 'disable set-uid interpreter scripts'.  It was
> disabling them entirely that I disagree with.  Yes, I am aware of the
> race condition with such scripts, and agree that it needs to be solved
> before such scripts have any hope of being considered 'safe'.

Excuse me?

When we say FIXING THE KERNEL, we MEAN DISABLING SETUID SCRIPTS.

If you have some other reasonable mechanism, I'd be interested in
hearing it...

> While we're on the subject: What should happen if you have a set-uid
> interpreter script and the interpreter it invokes is also set-uid to a
> different uid?  This is a philosophical point, so I suppose the
> discussion should be moved to some other list or newsgroup.

Well, under SunOS 4.1.3, which was the OS in question, it keeps
the uid/gid of the script, not the interpreter. This is arguably
more consistent than taking the uid & gid of the interpreter.

--
John Hawkinson
jhawk@panix.com

Next message: Pat Myrto: "Security Info (root broken)"
Previous message: Rafi Sadowsky: "Re: setuid scripts in SunOS 4.1.x"
In reply to: Fred Blonder: "Re: setuid scripts in SunOS 4.1.x"
Next in thread: Valdis.Kletnieks@vt.edu: "Re: setuid scripts in SunOS 4.1.x"