> Actually, absent some careful cooperation between the kernel
> and the interpreter to prevent a race condition that can cause
> the interpreter to run (with elevated permissions) a completely
> different script than the one that was marked setuid, setuid
> scripts _are_ insecure in a way that _cannot_ be fixed by any
> degree of care that might be taken in the writing of the script.
Wow. I had no idea.
A while back a coworker asked me to help figure out why he couldn't get
his script to run setuid on Linux. Some investigation turned up that
the Linux kernel explicitly forbids setuid programs whose first two
bytes are # and !.
So it disables even setuid scripts that don't use the shell, like Python
or Perl scripts.
I came across a page that explained all the different ways setuid
scripts could screw up - one would have to be a rocket scientist to
avoid all the potential pitfalls.
Michael David Crawford
prgmr.com - We Don't Assume You Are Stupid.
Xen-Powered Virtual Private Servers: http://prgmr.com/xen
firstname.lastname@example.org mailing list
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"