Date: Thu, 06 Apr 2006 00:29:27 +0400
From: "Sply Splyeff" <lists@sply.org>
To: freebsd-hackers@freebsd.org
Subject: setuid scripts wrapper (RFC, proposal)
Message-ID: <web-5266040@inc.ru>

There are some security problems with kernel-level script setuid execution which discourage using it. The standard recommendation is to write a binary setuid wrapper for each script needed. But maybe it's better to use one simple, well-reviewed and verified setuid wrapper for all common tasks? And to use it in the distribution or, at least, as a package.

I've tried to set up the standard wrapper for our systems which does the following:

- verifies whether the script's file system is allowed to run setuid scripts
- clears all environment variables, or passes only the desired ones, or sets them to values from the hash-line in the script
- closes all file descriptors > 2 if the -c option is set
- checks whether the script file has write permission for anyone

http://suidscript.sply.org/suidscript/suidscript.c
http://suidscript.sply.org/suidscript/suidscriptperl
http://suidscript.sply.org/suidscript/test_perl
http://suidscript.sply.org/

Is it strong enough? Maybe there is some slippery ground left?
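
The four checks listed in the message, written out in C as an added example; this is not the author's suidscript.c. The function names, the fixed PATH value and the reading of "write permission for anyone" as the group/other write bits are assumptions.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/statvfs.h>
#include <unistd.h>

extern char **environ;

/* Assumed reading of "write permission for anyone": the script must be a
 * regular file that neither group nor other can write. */
int perms_ok(const struct stat *st)
{
    return S_ISREG(st->st_mode) && !(st->st_mode & (S_IWGRP | S_IWOTH));
}

/* Open first, then check the descriptor instead of the path, so the file
 * cannot be swapped between check and use. Returns an fd, or -1 if refused. */
int open_checked(const char *path)
{
    struct stat st;
    struct statvfs vfs;
    int fd = open(path, O_RDONLY | O_NOFOLLOW);
    if (fd < 0)
        return -1;
    if (fstat(fd, &st) != 0 || !perms_ok(&st) ||
        fstatvfs(fd, &vfs) != 0 || (vfs.f_flag & ST_NOSUID)) {
        close(fd);              /* nosuid mount or unsafe mode: refuse */
        return -1;
    }
    return fd;
}

/* Drop the inherited environment; the PATH value is a constructed default. */
void scrub_env(void)
{
    static char *clean[] = { "PATH=/bin:/usr/bin", NULL };
    environ = clean;
}

/* The -c behaviour: close everything above stderr except the script fd. */
void close_extra_fds(int keep)
{
    long max = sysconf(_SC_OPEN_MAX);
    if (max < 0) max = 1024;
    for (int fd = 3; fd < max; fd++)
        if (fd != keep)
            close(fd);
}
```

The checks only hold if the interpreter is then given the descriptor returned by `open_checked()` rather than reopening the script by path.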