Date: Mon, 26 Apr 1999 11:43:32 +0200 (MET DST) From: "Wilhelm B. Kloke" <wb@vestein.arb-phys.uni-dortmund.de> To: FreeBSD-gnats-submit@freebsd.org Subject: misc/11328: a problem with setuid scripts Message-ID: <199904260943.LAA40719@vestein.arb-phys.uni-dortmund.de>
next in thread | raw e-mail | index | archive | help
>Number: 11328 >Category: misc >Synopsis: a problem with setuid scripts >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: doc-bug >Submitter-Id: current-users >Arrival-Date: Mon Apr 26 02:50:01 PDT 1999 >Closed-Date: >Last-Modified: >Originator: Wilhelm B. Kloke >Release: FreeBSD 3.1-RELEASE i386 >Organization: >Environment: >Description: It seems that a setuid bit in shell scripts is not honored. This may be necessary to avoid security lecks. This is not mentioned explicitly in execve(2). I tried even set setuid in /bin/sh, temporarily. I don't know whether this is a bug or feature. If it is a feature, then the example slip.login and the manual page sliplogin(8) are probably incorrect, as the process does not work as described. >How-To-Repeat: >Fix: >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199904260943.LAA40719>