From: Matthew Seaman
Date: Sun, 10 Feb 2008 09:13:53 +0000
To: "gs_stoller@juno.com"
Cc: freebsd-questions@freebsd.org, xfb52@dial.pipex.com
Subject: Re: /usr/local/etc/rc.d/ scripts and non-root user

gs_stoller@juno.com wrote:
> On Wed, 06 Feb 2008, Alex Zbyslaw wrote
> SNIP
>> Setuid/gid bits on shell scripts aren't considered safe, however and may
>> even be disabled.
> THERE IS NO REASON FOR THIS, JUST USE THE FILE-SYSTEM TO PROTECT THE
> FILES (MAKE THEM NOT WRITEABLE). Scripts are no more susceptible to
> sabotage and misuse than binary files, it is just that scripts can be
> more easily decoded and understood than binary files, and so
> management (that usually doesn't know much about a computer system)
> becomes frightened and issues orders to relieve their stress.

There's no particular reason that setuid bits on scripts are dangerous
nowadays. However in the dim and distant past (before the millennium)
there used to be a race condition on opening files that meant it was
trivial to use a setuid script to get a shell running under the target
UID. The horror of this situation seems to have branded itself so deeply
on the Unix psyche that even now, when that race condition has been
eliminated for many years, there is still a lingering reflex response:
"setuid scripts bad."

	Cheers,

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
                                                  Kent, CT11 9PW
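
Whichever side of this argument applies to a given system, the first thing an administrator needs is a list of the setuid and setgid scripts actually present. The following is an added example, not part of the original message; the function names are made up here, and it only inventories files, it does not test whether the kernel honours the bits on scripts.

```shell
#!/bin/sh
# Added example: inventory setuid/setgid files that are interpreter scripts
# (files beginning with "#!") rather than compiled binaries.

# is_script FILE: succeed if FILE starts with the "#!" interpreter marker.
# NUL bytes are stripped so binary files do not upset the shell.
is_script() {
    magic=$(head -c 2 "$1" 2>/dev/null | tr -d '\000')
    [ "$magic" = '#!' ]
}

# find_setid_scripts DIR...: for every regular file under the given
# directories with the setuid (4000) or setgid (2000) bit set, print
# "path<TAB>interpreter line" if the file is a script.
# Paths containing newlines are not handled.
find_setid_scripts() {
    find "$@" -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null |
    while IFS= read -r f; do
        if is_script "$f"; then
            printf '%s\t%s\n' "$f" "$(head -n 1 "$f")"
        fi
    done
}

# When run directly with arguments, audit those directories, e.g.:
#   sh audit.sh /usr/local/etc/rc.d /usr/local/bin
if [ "$#" -gt 0 ]; then
    find_setid_scripts "$@"
fi
```

Each reported file can then be reviewed for write permissions and ownership, which is the protection the quoted reply relies on.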