Re: suid script

To: debian-user@lists.debian.org
Subject: Re: suid script
From: Torsten Hilbrich <Torsten.Hilbrich@gmx.net>
Date: 04 Dec 1998 16:02:30 +0100
Message-id: <[🔎] 87lnkoq7ax.fsf@myrkr.in-berlin.de>
References: <[🔎] 19981203063626.A10068@kitenet.net> <[🔎] Pine.LNX.3.96.981203122534.8274A-100000@wm7-214.resnet.wm.edu> <[🔎] 19981203100236.F16779@kitenet.net> <[🔎] 87af15t5mh.fsf@hasler.dhh>

On: 03 Dec 1998 12:58:14 -0600 john  writes:
> 
> Joey Hess writes:
>> Because shell scripts are supposidly very often full of securitry holes when
>> suid.
> 
> There's a bit more to it.  There is a race condition that would
> permit you to substitute a script of your choice for the suid script
> and have it run suid.

Other Unixes provides an alternate mechanismus[1].  Is it secure and
does Linux support it?

	Torsten

Footnotes: 
[1] The kernel opens the script by itself and the interpreter/shell
uses a /dev/fd/<number> devices to access the already open file.

Reply to:

References:
- Re: suid script
  - From: Joey Hess <joey@kitenet.net>
- Re: suid script
  - From: Brandon Mitchell <bhmit1@mail.wm.edu>
- Re: suid script
  - From: Joey Hess <joey@kitenet.net>
- Re: suid script
  - From: john@dhh.gt.org

Prev by Date: Re: Unused libs for deletion?
Next by Date: Re: What installation with Debian 2.0?
Previous by thread: Re: suid script
Next by thread: Re: suid script
Index(es):
- Date
- Thread