From owner-freebsd-hackers Mon Feb 24 06:50:16 1997
To: Adrian Chadd
Subject: Re: disallow setuid root shells?
Cc: Jake Hamby, hackers@freebsd.org, auditors@freebsd.org
In-reply-to: Your message of "Mon, 08 Jan 1996 04:35:15 +0800."
Date: Mon, 24 Feb 1997 07:44:23 -0700
From: Warner Losh
Sender: owner-hackers@freebsd.org

In message Adrian Chadd writes:
: Since I'm reviewing /bin/sh and /bin/csh, it might make an interesting
: addition. Anyone see any use for +s'ed shells? Anything it can do, sudo
: can do (and sudo AFAIK is much smaller, so less code to screw around
: with), and I think it's a good idea.
:
: Suggestions?

That might not be a bad idea. However, it is fairly easy to work around: if I can make a /bin/sh setuid, I can make anything I want setuid and then do a setuid(0); exec /bin/sh (or /bin/csh). It would help firewall some things, but it wouldn't solve the problem.

sudo isn't a shell. It doesn't run scripts or read commands from anything but the command line.

Warner
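Added example, not part of the original message or of any FreeBSD shell: a small C model of the uid rules behind the point above, showing why a startup check in the shell catches a directly setuid shell but cannot see a setuid wrapper that calls setuid(0) first. The `struct cred` model, the function names, the uid 1001 and the `shell_refuses` check are all assumptions made for illustration.

```c
#include <stdio.h>
#include <sys/types.h>

/* Simplified model of a process's user ids (constructed for this example). */
struct cred { uid_t ruid, euid, suid; };   /* real, effective, saved */

/* POSIX setuid(2) rule: euid 0 changes all three ids; others may only swap euid. */
static int model_setuid(struct cred *c, uid_t uid)
{
    if (c->euid == 0) { c->ruid = c->euid = c->suid = uid; return 0; }
    if (uid == c->ruid || uid == c->suid) { c->euid = uid; return 0; }
    return -1;                              /* EPERM */
}

/* Ids after exec of a file owned by `owner`, with or without the setuid bit. */
static struct cred model_exec(struct cred c, uid_t owner, int setuid_bit)
{
    if (setuid_bit) c.euid = owner;
    c.suid = c.euid;
    return c;
}

/* Hypothetical startup check in the shell: root euid borrowed via the setuid bit. */
static int shell_refuses(struct cred c) { return c.euid == 0 && c.ruid != 0; }

/* User 1001 runs a setuid-root copy of the shell directly. */
static int direct_setuid_shell_refused(void)
{
    struct cred user = { 1001, 1001, 1001 };
    struct cred sh = model_exec(user, 0, 1);
    return shell_refuses(sh);
}

/* User 1001 runs a setuid-root wrapper that does setuid(0), then execs a plain shell. */
static int wrapped_shell_refused(void)
{
    struct cred user = { 1001, 1001, 1001 };
    struct cred w = model_exec(user, 0, 1);
    if (model_setuid(&w, 0) != 0) return -1;
    struct cred sh = model_exec(w, 0, 0);
    return shell_refuses(sh);
}

int main(void)
{
    printf("direct refused: %d, wrapped refused: %d\n",
           direct_setuid_shell_refused(), wrapped_shell_refused());
    return 0;
}
```

In the wrapped case the shell starts with real and effective uid both 0, which is indistinguishable from a genuine root login, so the control that matters is auditing which files carry the setuid bit at all.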