Re: suid script

To: Brandon Mitchell <bhmit1@mail.wm.edu>
Cc: Debian User Lists <debian-user@lists.debian.org>
Subject: Re: suid script
From: Joey Hess <joey@kitenet.net>
Date: Thu, 3 Dec 1998 10:02:36 -0800
Message-id: <[🔎] 19981203100236.F16779@kitenet.net>
Mail-followup-to: Brandon Mitchell <bhmit1@mail.wm.edu>, Debian User Lists <debian-user@lists.debian.org>
In-reply-to: <[🔎] Pine.LNX.3.96.981203122534.8274A-100000@wm7-214.resnet.wm.edu>; from Brandon Mitchell on Thu, Dec 03, 1998 at 12:29:46PM -0500
References: <[🔎] 19981203063626.A10068@kitenet.net> <[🔎] Pine.LNX.3.96.981203122534.8274A-100000@wm7-214.resnet.wm.edu>

Brandon Mitchell wrote:
> Dang, looks like you are right Joey, at least I can't get a counter
> example working.  I have been forced to write csh scripts on linux that
> are run by suid programs because bash will drop it's privleges to the
> real user id. So, at least is some aspects, bash is worse than others.
> Any idea why the kernel does this (if it really does, I'm still not sure
> of it)? 

Because shell scripts are supposidly very often full of securitry holes when
suid.

-- 
see shy jo

Reply to:

Follow-Ups:
- Re: suid script
  - From: john@dhh.gt.org
- Re: suid script
  - From: pat@patoche.org

References:
- Re: suid script
  - From: Joey Hess <joey@kitenet.net>
- Re: suid script
  - From: Brandon Mitchell <bhmit1@mail.wm.edu>

Prev by Date: Re: Is this really the right thing to do?
Next by Date: Re: Understanding /root Re: My solution
Previous by thread: Re: suid script
Next by thread: Re: suid script
Index(es):
- Date
- Thread