Date: Tue, 25 Feb 1997 08:33:14 +0100 From: j@uriah.heep.sax.de (J Wunsch) To: hackers@freebsd.org Cc: jehamby@lightside.com (Jake Hamby), abelits@phobos.illtel.denver.co.us, angio@aros.net, auditors@freebsd.org Subject: Re: disallow setuid root shells? Message-ID: <Mutt.19970225083314.j@uriah.heep.sax.de> In-Reply-To: <199702250415.MAA23422@spinner.DIALix.COM>; from Peter Wemm on Feb 25, 1997 12:15:42 %2B0800 References: <Mutt.19970225005145.j@uriah.heep.sax.de> <199702250415.MAA23422@spinner.DIALix.COM>
next in thread | previous in thread | raw e-mail | index | archive | help
As Peter Wemm wrote: > ksh doesn't require -p to be specified, it detects uid != euid and turns > it on automatically. It has the same effect as -p in /bin/sh. In ksh > however, you can turn off the 'p' option and ksh will revoke it's setuid > right then. Just for the records: our /bin/sh does the same. > All that's required then for a reasonably secure script is explicitly > setting IFS on the first line of the script, and extreme caution. Ah, having seen so numerous complaints from suidperl about tainted variables, i wouldn't ever in the world try to write a suid shell script. :-) -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Mutt.19970225083314.j>