From: Michael David Crawford
Organization: Prgmr.com
Date: Fri, 28 Aug 2009 21:03:45 -0700
CC: freebsd-questions@freebsd.org
Subject: Re: SUID permission on Bash script
Message-ID: <4A98A8A1.7070305@prgmr.com>
In-Reply-To: <20090829022431.5841d4de@gumby.homeunix.com>

RW wrote:
> So are scripts actually incapable of running setuid?

They aren't on Linux. I learned about that a while back when I investigated setuid scripts for a coworker.

It's not that setuid shell scripts are really more inherently insecure than programs written in C. The problem is more that those who write such scripts tend not to observe the proper precautions. For example if you don't set the PATH explicitly, and you don't give absolute pathnames to all the subprograms you run, then a trojan that has the same name as some standard program can get run as root.

If a program is going to be setuid at all, you really have to know what you're doing when you write it or else you'll find yourself opening a can of worms.

Mike
--
Michael David Crawford
mdc@prgmr.com
prgmr.com - We Don't Assume You Are Stupid.
Xen-Powered Virtual Private Servers: http://prgmr.com/xen
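
The PATH precaution mentioned in the message above can be checked mechanically. The following is an added example, not part of the original post: a POSIX sh function that audits a PATH string before a privileged script relies on it for command lookup. The function name `path_problems` and the sample directories are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not from the original post. Audits a PATH string the way a
# privileged script should before relying on it for command lookup.

# path_problems PATHSTRING  (hypothetical helper name)
# Prints one line per risky entry; returns 0 if none were found, 1 otherwise.
# Only the entry form and directory mode bits are checked, not ownership.
path_problems() {
    rest="$1:"           # trailing ":" so the loop also sees a final empty entry
    bad=0
    while [ -n "$rest" ]; do
        dir=${rest%%:*}  # next entry
        rest=${rest#*:}  # remainder after it
        case $dir in
            /*) ;;
            *)  # "", "." and relative names resolve against the caller's cwd
                echo "relative entry: '$dir'"
                bad=1
                continue ;;
        esac
        if [ ! -d "$dir" ]; then
            echo "not a directory: $dir"
            bad=1
        elif [ -n "$(find -H "$dir" -prune \( -perm -0020 -o -perm -0002 \) -print)" ]; then
            # Group- or world-writable: another user can place a same-named
            # program here and have it found first.
            echo "group/world-writable: $dir"
            bad=1
        fi
    done
    return $bad
}

# Constructed demo: one tight directory, one world-writable one, and ".".
demo=$(mktemp -d)
mkdir "$demo/ok" "$demo/open"
chmod 755 "$demo/ok"; chmod 777 "$demo/open"
path_problems "$demo/ok:$demo/open:." || echo "PATH rejected"
rm -rf "$demo"
```

A privileged script would normally skip the inherited value entirely, assign a fixed PATH at the top and call helpers by absolute pathname; a check like this is useful for auditing the fixed value itself.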