home *** CD-ROM | disk | FTP | other *** search
- Date: Mon, 22 Mar 93 21:06:06 -0800
- From: ersmith@netcom.com (Eric R. Smith)
- Message-Id: <9303230506.AA22931@netcom4.netcom.com>
- To: hohmuth@freia.inf.tu-dresden.de, mint@terminator.rs.itd.umich.edu
- Subject: Re: seduid scripts
-
- >> I have no particular objection to putting #! interpretation in, but
- >> it would have to be "#!\bin\sh" rather than "#!/bin/sh".
-
- >Eric, have you any idea how setuid scripts could be achieved, then?
-
- How about a (setuid root) program that acts as a setuid server; i.e.
- whenever exec detects a #! as the first two characters of a file,
- it instead execs /bin/scripter (or whatever we want to call it) with
- the script file name as the first argument and the other parameters
- (if any) following it. /bin/scripter then checks the uid, gid, and
- permission bits, does appropriate setuid() and setgid() calls, and
- executes the interpreter (after performing any /->\ translations
- that are necessary).
-
- Obviously if the script is *not* setuid or setgid then exec can
- bypass /bin/scripter and just do the script directly.
-
-
-