In message <[EMAIL PROTECTED]>, Piet van Oostrum wrote: > The scenario is as follows: Suppose the script starts with the line: > #!/usr/bin/python > > (using #!/usr/bin/env python would be disastrous because the user could > supply his own `python interpreter' in his PATH.) > > Now a malicious user can make a link to this file in his own directory, > e.g. to /Users/eve/myscript1. Because permissions are part of the file > (inode), not of the file name, this one is also suid. > > Now she execs /Users/eve/myscript1. The kernel, when honoring suid > scripts, would startup python with effective uid root with the command > line: /usr/bin/env /Users/eve/myscript1
No it wouldn't. This security hole was fixed years ago. -- http://mail.python.org/mailman/listinfo/python-list
