Re: [Sig] Setuid -- am I doing it right?
Paul F.Ryan
paul.ryan@usa.net
15 May 2001 11:18:34 EDT
I believe it has to do with a script being run in a sub-shell, while an
executable is under your current process. If you fail to trap all the signals
in your script, a user could break out and roam about as root. Other
opinions/explanations are welcomed since I'm running on my failing, aged memory
out here in Chicago.
You may also wish to reference `man setuid` and `man setreuid`.
Paul
Randy Kramer <rhkramer@fast.net> wrote:
> Paul,
>
> Thanks!
>
> I wonder if I can recompile some of my old Turbo Pascal or Visual Basic
> programs under Linux? ;-)
>
> BTW, what am I missing -- why does allowing setuid on an executable
> create less of a security risk than allowing setuid on a script, except
> to the extent that maybe fewer people can write a c program or
> understand and modify a binary? I guess that is the difference -- I
> know that I can do anything in a c program that a script can do, whether
> I can write something like `chown nobody` in c or have to set the file
> parameters using something that looks more like "real" c code.
>
> And, if there is no less of a security risk, isn't that a variety of
> "security by obscurity" (as some critics of Microsoft and proponents of
> open source software deprecate)? (I better not go there -- just an
> observation -- not a question for you but more a rhetorical question for
> the Microsoft critics. ;-)
>
> Randy Kramer
>
> Paul F.Ryan wrote:
> >
> > I fought this problem years back before discovering that Linux does not
> > support SETUID/SETGID on scripts, only executables. It would be a BIG security
> > hole if they allowed it...
> >
> > The solution? Write it in 'c', compile it, then use setuid/setgid.
>
> _______________________________________________
> Sig mailing list
> Sig@thelinuxlink.net
> http://www.thelinuxlink.net/mailman/listinfo/sig
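As an added example (not code from this thread), the "write it in C, compile it, then setuid" approach done defensively: the binary keeps its privileged window as short as possible, then drops to the invoking user with the setreuid/setregid calls from `man setreuid` and refuses to continue unless it can prove the drop stuck. The function name and the placeholder for the privileged step are mine.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
#include <grp.h>

/* Permanently drop to target_uid/target_gid and verify the drop.
 * Order matters: supplementary groups first, then the gid, then the uid,
 * because once the uid is unprivileged the other two calls would fail.
 * Returns 0 on success, -1 if a step failed or if root could be regained. */
int drop_privileges_permanently(uid_t target_uid, gid_t target_gid)
{
    /* Only root may clear supplementary groups; a non-root caller keeps its own. */
    if (geteuid() == 0 && setgroups(0, NULL) != 0)
        return -1;
    /* setre*id() with equal real and effective values also overwrites the
     * saved set-id (see `man setreuid`), so nothing is left to switch back to. */
    if (setregid(target_gid, target_gid) != 0)
        return -1;
    if (setreuid(target_uid, target_uid) != 0)
        return -1;
    /* Verify: regaining root must fail, and the ids must be what we asked for. */
    if (target_uid != 0 && setuid(0) == 0)
        return -1;
    if (getuid() != target_uid || geteuid() != target_uid ||
        getgid() != target_gid || getegid() != target_gid)
        return -1;
    return 0;
}

/* Shape of a setuid-root helper: do the one privileged step while still
 * root, then drop to the invoking user (the real uid) before anything else. */
int main(void)
{
    uid_t invoker = getuid();
    gid_t invoker_gid = getgid();
    printf("start: uid=%u euid=%u\n", (unsigned)getuid(), (unsigned)geteuid());
    /* ... the single privileged operation would go here, while euid == 0 ... */
    if (drop_privileges_permanently(invoker, invoker_gid) != 0) {
        fprintf(stderr, "privilege drop failed; refusing to continue\n");
        return 1;
    }
    printf("after: uid=%u euid=%u\n", (unsigned)getuid(), (unsigned)geteuid());
    return 0;
}
```

Run as an ordinary user it simply confirms the ids are unchanged; installed setuid root, the "after" line must show the invoking user's uid or the program exits without doing anything further.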