Date:      Sat, 29 Aug 2009 00:17:24 -0700
From:      Michael David Crawford <mdc@prgmr.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: SUID permission on Bash script
Message-ID:  <4A98D604.3020303@prgmr.com>
In-Reply-To: <4a98d375.W9fcoTOIN1DqRk/3%perryh@pluto.rain.com>
References:  <beaf3aa50908280124pbd2c760v8d51eb4ae965dedc@mail.gmail.com> <87y6p4pbd0.fsf@kobe.laptop> <20090829022431.5841d4de@gumby.homeunix.com> <4A98A8A1.7070305@prgmr.com> <4a98d375.W9fcoTOIN1DqRk/3%perryh@pluto.rain.com>

perryh@pluto.rain.com wrote:
 > Actually, absent some careful cooperation between the kernel
 > and the interpreter to prevent a race condition that can cause
 > the interpreter to run (with elevated permissions) a completely
 > different script than the one that was marked setuid, setuid
 > scripts _are_ insecure in a way that _cannot_ be fixed by any
 > degree of care that might be taken in the writing of the script.

Wow.  I had no idea.

A while back a coworker asked me to help figure out why he couldn't get 
his script to run setuid on Linux.  Some investigation turned up that 
the Linux kernel explicitly forbids setuid programs whose first two 
bytes are # and !.

So it disables even setuid scripts that don't use the shell, like Python 
or Perl scripts.

I came across a page that explained all the different ways setuid 
scripts could screw up - one would have to be a rocket scientist to 
avoid all the potential pitfalls.

Mike
-- 
Michael David Crawford
mdc@prgmr.com

    prgmr.com - We Don't Assume You Are Stupid.

       Xen-Powered Virtual Private Servers: http://prgmr.com/xen
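
An added example, not part of the original message or thread: a Python audit that walks a directory tree and lists regular files that carry the setuid or setgid bit and begin with the two bytes `#!` mentioned above. The function names and the sample tree are constructed for illustration.

```python
import os
import stat
import tempfile

SETID = stat.S_ISUID | stat.S_ISGID

def find_setid_scripts(root):
    """Return sorted (path, bits, interpreter) for set-id regular files starting with '#!'."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)          # lstat: do not follow symlinks
                if not stat.S_ISREG(st.st_mode) or not st.st_mode & SETID:
                    continue
                with open(path, "rb") as fh:
                    first = fh.readline(256)  # the '#!' line, bounded
            except OSError:
                continue                      # unreadable or vanished: skip
            if first[:2] != b"#!":
                continue                      # native binary or plain data
            bits = "+".join(n for n, b in (("setuid", stat.S_ISUID),
                                           ("setgid", stat.S_ISGID)) if st.st_mode & b)
            hits.append((path, bits, first[2:].strip().decode("utf-8", "replace")))
    return sorted(hits)

def build_sample_tree(root):
    """Constructed sample input: two set-id scripts, one plain script, one fake binary."""
    samples = [
        ("rotate.sh", b"#!/bin/sh\necho rotate\n", 0o4755),
        ("backup.py", b"#! /usr/bin/env python\nprint('backup')\n", 0o4755),
        ("plain.sh", b"#!/bin/sh\necho plain\n", 0o755),
        ("tool.bin", b"\x7fELF" + b"\0" * 12, 0o4755),
    ]
    for name, data, mode in samples:
        path = os.path.join(root, name)
        with open(path, "wb") as fh:
            fh.write(data)
        os.chmod(path, mode)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for path, bits, interp in find_setid_scripts(tmp):
            print(f"{bits:13} {interp:22} {path}")
```

Each hit is a candidate for replacement with a small compiled wrapper or a `sudo` rule, since the set-id bit on the script is either not honoured or subject to the race described in the quoted text.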
