From owner-freebsd-hackers@FreeBSD.ORG  Tue Apr 11 15:20:48 2006
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
X-Original-To: freebsd-hackers@freebsd.org
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id ED3FD16A403
	for <freebsd-hackers@freebsd.org>; Tue, 11 Apr 2006 15:20:48 +0000 (UTC)
	(envelope-from lists@sply.org)
Received: from inc.ru (mail6.net.incru.net [62.205.161.39])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C2E6743D67
	for <freebsd-hackers@freebsd.org>; Tue, 11 Apr 2006 15:20:45 +0000 (GMT)
	(envelope-from lists@sply.org)
Received: from [62.205.161.39] (account lists@sply.org)
	by inc.ru (CommuniGate Pro WebUser 4.1.8)
	with HTTP id 5333059; Tue, 11 Apr 2006 19:18:43 +0400
From: "Sply Splyeff" <lists@sply.org>
To: Peter Jeremy <peterjeremy@optushome.com.au>
X-Mailer: CommuniGate Pro WebUser Interface v.4.1.8
Date: Tue, 11 Apr 2006 19:18:43 +0400
Message-ID: <web-5333059@inc.ru>
In-Reply-To: <web-5280144@inc.ru>
MIME-Version: 1.0
Content-Type: text/plain; charset="KOI8-R"
Content-Transfer-Encoding: 8bit
Cc: freebsd-hackers@freebsd.org
Subject: Re: setuid scripts wrapper (RFC, proposal)
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Apr 2006 15:20:49 -0000

I've uploaded suidscript.c with updates:
http://suidscript.sply.org/suidscript/suidscript.c
http://suidscript.sply.org/suidscript.tgz

Current implementation checks the safety of an interpreter path and of a script path - all nodes required to be owned by root or script owner and writable only by owner. It's a big limitation, but it works in most cases.

I've tried /dev/fd/ way, but it requires fdescfs mounted which is not common for different freebsd versions and sometimes seems a little buggy. I've included suidscript_fdesc.c which implements /dev/fd/*, but I haven't evere tested it because mount_fdescfs crashes.