Re: Bug#762839: bash without importing shell functions from the environment

To: debian-devel@lists.debian.org
Subject: Re: Bug#762839: bash without importing shell functions from the environment
From: Matthias Urlichs <matthias@urlichs.de>
Date: Tue, 30 Sep 2014 11:57:19 +0200
Message-id: <[🔎] 20140930095719.GE7184@smurf.noris.de>
In-reply-to: <[🔎] alpine.DEB.2.11.1409301056180.20674@tglase.lan.tarent.de>
References: <[🔎] 21540.13505.438186.122045@chiark.greenend.org.uk> <[🔎] 20140925162026.GA11755@type.bordeaux.inria.fr> <[🔎] 20140925191758.GA6306@smurf.noris.de> <[🔎] CAH_OBiczwQtFJ884SVafRaMV-H0C-byGxVdv34Bhys=kw5MxLw@mail.gmail.com> <[🔎] 20140926164837.GC6306@smurf.noris.de> <[🔎] alpine.DEB.2.11.1409301056180.20674@tglase.lan.tarent.de>

Hi,

Thorsten Glaser:
> On Fri, 26 Sep 2014, Matthias Urlichs wrote:
> 
> > In any case, adding "-p" to any #!/bin/bash shebang line looks like a very
> > good idea. Shall we add a Lintian check for this?
> 
> ***ABSOLUTELY NOT***
> 
> The -p option is for the shell to *not* drop privileges when
> called setuid.

Yes, it does that. It _also_ does all the other sanity-preserving things a
shell started in an insecure environment should do.

IMHO, code which calls a shell script with euid != ruid is buggy anyway,
because it _cannot_ depend on the shell to pro-actively fix that omission.
Any other program which happens to not be a #!/bin/bash shell script,
started the same way, will not reset its euid either. I don't expect any
other shell to care; the dash(1) manpage implies that it does not, for
instance.

Therefore I do not think that adding this flag would create any new
security problems.

Feel free to find a real-world counterexample.

-- 
-- Matthias Urlichs

Reply to:

References:
- bash without importing shell functions from the environment
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Re: Bug#762839: bash without importing shell functions from the environment
  - From: Samuel Thibault <sthibault@debian.org>
- Re: Bug#762839: bash without importing shell functions from the environment
  - From: Matthias Urlichs <matthias@urlichs.de>
- Re: Bug#762839: bash without importing shell functions from the environment
  - From: shawn wilson <ag4ve.us@gmail.com>
- Re: Bug#762839: bash without importing shell functions from the environment
  - From: Matthias Urlichs <matthias@urlichs.de>
- Re: Bug#762839: bash without importing shell functions from the environment
  - From: Thorsten Glaser <tg@debian.org>

Prev by Date: Re: Bug#762839: bash without importing shell functions from the environment
Next by Date: Re: Bug#762839: bash without importing shell functions from the environment
Previous by thread: Re: Bug#762839: bash without importing shell functions from the environment
Next by thread: Re: Bug#762839: bash without importing shell functions from the environment
Index(es):
- Date
- Thread