Re: suid script

To: helge.hafting@daldata.no (Helge Hafting)
Cc: debian-user@lists.debian.org
Subject: Re: suid script
From: Jiri Baum <jiri@baum.com.au>
Date: Wed, 9 Dec 1998 00:06:10 +1100 (EST)
Message-id: <[🔎] E0znMqB-0000Og-00@legend.baum.com.au>
In-reply-to: <[🔎] m0znIrU-0008HrC@helgespc> from Helge Hafting at "Dec 8, 98 09:51:15 am"

Hello,

> So that's the problem with SUID scripts.  Seems to me it could be solved by
> *not* closing the script file, just keep it open.  Why can't that be done?

Because the first open is done by the kernel but the second by the shell.

> It can't be possible, or someone would surely have fixed it a long time ago?

Well, you'd have to change the semantics of #!

Currently, if the file "xyzzy" starts with the line "#!plugh", this executes
"plugh" with the argument "xyzzy". It's up to plugh to decide whether xyzzy is
a file to open, or something else, like a command-line switch[1].

The new semantics would probably invoke "plugh" with the argument "/dev/fd/3",
and have "xyzzy" open on filehandle 3.


Jiri <jiri@baum.com.au>

[1] yes, you can have a file called "-l" containing "#!/bin/ls" and, if your
PATH contains ".", it'll do exactly you'd expect...

Reply to:

References:
- Re: suid script
  - From: Helge Hafting <helge.hafting@daldata.no>

Prev by Date: "Re:" (off-topic)
Next by Date: Re: Where do I start fetchmail?
Previous by thread: Re: suid script
Next by thread: Re: suid script
Index(es):
- Date
- Thread