Date: Sun, 30 Aug 2009 09:07:11 +0100 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: perryh@pluto.rain.com Cc: rwmaillists@googlemail.com, freebsd-questions@freebsd.org Subject: Re: SUID permission on Bash script Message-ID: <4A9A332F.8070300@infracaninophile.co.uk> In-Reply-To: <4a9a0627.zA4OPJf/w06lQj0a%perryh@pluto.rain.com> References: <beaf3aa50908280124pbd2c760v8d51eb4ae965dedc@mail.gmail.com> <87y6p4pbd0.fsf@kobe.laptop> <20090829022431.5841d4de@gumby.homeunix.com> <4A98A8A1.7070305@prgmr.com> <4a98d375.W9fcoTOIN1DqRk/3%perryh@pluto.rain.com> <20090829134436.4461d8c9@gumby.homeunix.com> <4a9a0627.zA4OPJf/w06lQj0a%perryh@pluto.rain.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig7D43180CF0BC19960A8DF5C3 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: quoted-printable perryh@pluto.rain.com wrote: > RW <rwmaillists@googlemail.com> wrote: >> On Sat, 29 Aug 2009 00:06:29 -0700 >> perryh@pluto.rain.com wrote: >>> Actually, absent some careful cooperation between the >>> kernel and the interpreter to prevent a race condition ... >> isn't that the same issue that Matthew Seaman was saying >> was fixed years ago ... and is described in the follow-up: >> http://www.mail-archive.com/freebsd-questions@freebsd.org/msg185145.ht= ml >> >> That's entirely in the kernel, it doesn't require interpreter >> support. >=20 > Er, I'm pretty sure it _does_ require support in the interpreter. >=20 > It would do no good for the kernel to hand the interpreter an open > descriptor if the interpreter did not somehow know to read the > script from that open descriptor instead of opening the script file > by name. This approach is exactly the "careful cooperation between > the kernel and the interpreter" that I was referring to. Errr -- no. That's what fdescfs(5) is for. When the kernel execs=20 the interpreter, it tells the script to open /dev/fd/5 (for example) and doing that just connects the script to the open file descriptor the kernel used previously to taste the magic number and the #! line=20 of the script. As fdescfs(5) says: [...] the call: fd =3D open("/dev/fd/0", mode); and the call: fd =3D fcntl(0, F_DUPFD, 0); are equivalent. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW --------------enig7D43180CF0BC19960A8DF5C3 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEAREIAAYFAkqaMzUACgkQ8Mjk52CukIzwDQCfR5dUD0TcnPPGzsW93ImEff6t SqsAni19AbAwlF3WLpTlxk4VO2aMEwCW =lhjq -----END PGP SIGNATURE----- --------------enig7D43180CF0BC19960A8DF5C3--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4A9A332F.8070300>