[Re: [[Sig] Setuid -- am I doing it right?]]
15 May 2001 11:18:34 EDT
I believe it has to do with a script being run in a sub-shell, while an
executable is under your current process. If you fail to trap all the signals
in your script, a user could break out and roam about as root. Other
opinions/explantions are welcomed since I'm running on my failing, aged memory
out here in Chicago.
You may also wish to reference `man setuid` and `man setreuid`.
Randy Kramer <email@example.com> wrote:
> I wonder if I can recompile some of my old Turbo Pascal or Visual Basic
> programs under Linux? ;-)
> BTW, what am I missing -- why does allowing setuid on an executable
> create less of a security risk than allowing setuid on a script, except
> to the extent that maybe fewer people can write a c program or
> understand and modify a binary? I guess that is the difference -- I
> know that I can do anything in a c program that a script can do, whether
> I can write something like `chown nobody` in c or have to set the file
> parameters using something that looks more like "real" c code.
> And, if there is no less of a security risk, isn't that a variety of
> "security by obscurity" (as some critics of Microsoft and proponents of
> open source software deprecate)? (I better not go there -- just an
> observation -- not a question for you but more a rhetorical question for
> the Microsoft critics. ;-)
> Randy Kramer
> Paul F.Ryan wrote:
> > I fought this problem years back before discovering that Linux does not
> > support SETUID/SETGID on scripts, only executables. It would e a BIG
> > hole if they allowed it...
> > The solution? Write it in 'c', compile it, then use setuid/setgid.
> Sig mailing list
Get free email and a permanent address at http://www.netaddress.com/?N=1