[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: VI wrapper for SUDO? - another bad way ??

* William R. Ward <bill@wards.net> [2001.11.29 18:00:40-0800]:
> Question: Is it generally considered secure enough to sudo a bash
> script like your sucpaliases?  Or should a C equivalent be written
> instead?

no. especially not the quick'n'dirty version that alvin posted. i am
not criticizing, but there is an art to writing secure shell scripts.
i can't give you full details, but two things that you should *never*
forget is using absolute paths for binaries only. in addition, set
your PATH to the standard explicitly.

in alvin's example, he does

mv /tmp/aliases /etc/aliases

within the script run as root via sudo. it would not be hard to make
it take the script /tmp/mv that i have just provided instead of
/bin/mv, because all that the script cares about is which mv
executable if found first...

martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck
wind catches lily,
scattering petals to the ground.
segmentation fault.

Attachment: pgpZpNCZnS0K2.pgp
Description: PGP signature

Reply to: