[200] in bugtraq


Re: Setuid programs run from shell scripts?

daemon@ATHENA.MIT.EDU (Karl Strickland)
Wed Nov 16 21:24:19 1994

From: Karl Strickland <karl@bagpuss.demon.co.uk>
To: Quentin.Fennessy@sematech.org (Quentin Fennessy)
Date: Wed, 16 Nov 1994 08:55:48 +0000 (GMT)
Cc: fred@nasirc.hq.nasa.gov, mcn@c3serve.c3.lanl.gov, bugtraq@fc.net,
        Quentin.Fennessy@sematech.org
In-Reply-To: <199411151942.NAA10420@thecount.eng.sematech.org> from "Quentin Fennessy" at Nov 15, 94 01:42:54 pm

> 
> > text deleted...
> > (Not to get into the set-UID shell-script argument again. ;-)
> > Clearly, the set-UID bit on one or the other must take precedence.
> > Someone, somewhere decided that it would be the set-UID bit on the
> > script.  This was maybe the wrong decision, but it's the one we're
> > stuck with, for the moment at least.
> > -----
> 
> Fred-
>     A shell script runs under the uid of the account executing it.
> I don't think there is any way for a script or any other subprocess
> to know whether it is being executed by any given account or by
> an account using a setuid program.

Isn't that what real & effective UIDs are for?!

> So the script suid has to take
> preference.

Why?! I don't follow the logic.

> Unless you ignore suid on scripts altogether.
>
> Quentin

-- 
------------------------------------------+-----------------------------------
Mailed using ELM on FreeBSD               |                    Karl Strickland
PGP 2.3a Public Key Available.            | Internet: karl@bagpuss.demon.co.uk
                                          |
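
The real/effective UID comparison raised in the reply above, as an added example that is not part of the original message: a process started under a set-UID or set-GID bit can detect it by comparing its real and effective IDs. The function names and the constructed IDs used in the comments are assumptions made for illustration.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Bit flags describing which ID pairs differ. */
enum { SETID_NONE = 0, SETID_UID = 1, SETID_GID = 2 };

/* Pure comparison, so it can be exercised with constructed IDs
 * (e.g. real uid 1000, effective uid 0 for a set-UID-root start). */
int setid_state(uid_t ruid, uid_t euid, gid_t rgid, gid_t egid)
{
    int state = SETID_NONE;
    if (ruid != euid)
        state |= SETID_UID;   /* effective user differs from invoker */
    if (rgid != egid)
        state |= SETID_GID;   /* effective group differs from invoker */
    return state;
}

/* The same check against the calling process's own credentials.
 * Caveat: if a set-UID parent already set its real ID to match its
 * effective ID before exec, the child sees no difference here. */
int current_setid_state(void)
{
    return setid_state(getuid(), geteuid(), getgid(), getegid());
}

int main(void)
{
    int state = current_setid_state();

    printf("real uid=%ld effective uid=%ld\n",
           (long)getuid(), (long)geteuid());
    printf("real gid=%ld effective gid=%ld\n",
           (long)getgid(), (long)getegid());

    if (state & SETID_UID)
        puts("running with a different effective user (set-UID context)");
    if (state & SETID_GID)
        puts("running with a different effective group (set-GID context)");
    if (state == SETID_NONE)
        puts("real and effective IDs match");
    return 0;
}
```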
