Re: suid script
Helge Hafting <helge.hafting@daldata.no> writes:
> > problem: you can change the content of the file between the two !!
> > so you can have your script, running as root, executing whatever
> > you want !!
>
> So that's the problem with SUID scripts. Seems to me it could be
> solved by *not* closing the script file, just keep it open. Why
> can't that be done?
It has been done in some Unixes. I've read about it in the Llama
book, 2nd edition, pg. 361. They use /dev/fd/3 to pass the already
open script to the command interpreter. According to this book "Most
modern releases of SysVr4 and BSD 4.4 use this approach ...".
> It can't be possible, or someone would surely have fixed it a long
> time ago?
I wonder if this is possible in Linux too?
Torsten
--
Homepage: http://www.in-berlin.de/User/myrkr
Reply to: