> Actually, absent some careful cooperation between the kernel
> and the interpreter to prevent a race condition that can cause
> the interpreter to run (with elevated permissions) a completely
> different script than the one that was marked setuid, setuid
> scripts _are_ insecure in a way that _cannot_ be fixed by any
> degree of care that might be taken in the writing of the script.

Wow.  I had no idea.

A while back a coworker asked me to help figure out why he couldn't get his script to run setuid on Linux. Some investigation turned up that the Linux kernel explicitly forbids setuid programs whose first two bytes are # and !.

So it disables even setuid scripts that don't use the shell, like Python or Perl scripts.

I came across a page that explained all the different ways setuid scripts could screw up - one would have to be a rocket scientist to avoid all the potential pitfalls.

Michael David Crawford - We Don't Assume You Are Stupid.

      Xen-Powered Virtual Private Servers:
_______________________________________________ mailing list
To unsubscribe, send any mail to ""

Reply via email to