home *** CD-ROM | disk | FTP | other *** search
- Path: sparky!uunet!charon.amdahl.com!pacbell.com!decwrl!sun-barr!ames!agate!doc.ic.ac.uk!uknet!pavo.csi.cam.ac.uk!pc123
- From: pc123@cus.cam.ac.uk (Pete Chown)
- Newsgroups: comp.security.misc
- Subject: Re: Setuid file
- Message-ID: <1992Nov8.195246.11588@infodev.cam.ac.uk>
- Date: 8 Nov 92 19:52:46 GMT
- References: <1d9ggiINNsfb@sequoia.ccsd.uts.EDU.AU> <1992Nov5.090120.14723@lut.ac.uk> <1992Nov7.203923.522@news.Hawaii.Edu>
- Sender: news@infodev.cam.ac.uk (USENET news)
- Organization: U of Cambridge, England
- Lines: 22
- Nntp-Posting-Host: bootes.cus.cam.ac.uk
-
- In article <1992Nov7.203923.522@news.Hawaii.Edu> newsham@wiliki.eng.hawaii.edu (Timothy Newsham) writes:
- >
- >I just made an empty file with +x perms and typed in its
- >name at the shell prompt. It apparently tried to execute it
- >and for some reason sourced my .cshrc. This is on an older
- >HPUX system. I didnt however set it suid since I am a non-priveledged
- >user so I cant tell you if it would work as suid. (I think i
- >remember that hpux wouldnt run shell scripts with out the '#!' in
- >them as suid, maybe just a local patch?)
-
- Most shells try to run scripts without a #! at the start by passing
- the name as an argument to sh or csh. This is entirely a shell
- feature and has nothing to do with the kernel. Because the shell is
- non-privileged, the resulting process that sources your .cshrc will
- also be.
-
- So this is one case where setuid scripts are harmless (if also
- ineffectual since even the legitimate code won't run with privilege).
- --
- ---------------------------------------------+ "A tight hat can be stretched.
- Pete Chown, pc123@phx.cam.ac.uk (Internet) | First damp the head with steam
- pc123@uk.ac.cam.phx (Janet :-) -+ from a boiling kettle."
-
