Re: suid script
On: 03 Dec 1998 12:58:14 -0600 john writes:
>
> Joey Hess writes:
>> Because shell scripts are supposidly very often full of securitry holes when
>> suid.
>
> There's a bit more to it. There is a race condition that would
> permit you to substitute a script of your choice for the suid script
> and have it run suid.
Other Unixes provides an alternate mechanismus[1]. Is it secure and
does Linux support it?
Torsten
Footnotes:
[1] The kernel opens the script by itself and the interpreter/shell
uses a /dev/fd/<number> devices to access the already open file.
Reply to: