
Re: setuid scripts



>Steve writes:
>
>> > [about /bin/scripter]
>> 
>> This sounds an even more unholy mess than one incidence of / -> \ conversion
>> in the kernel! Anyway, it's just one more security hole, not that there
>> aren't one or two already! :-)
>
>Why is that a security hole?  `/bin/scripter' would be just another shell
>which happens to be setuid-root (just like `su').

It's just one more program which could be compromised.

>
>IMHO, having a script launcher is better than putting inconsistencies
>in the kernel.

Exec should preferably be an atomic action. Also, there is an implicit
assumption that you hold your executables in /bin. What if the script is for
something other than /bin/[c]sh, maybe you want to run /exec/bloggs/gruncher
and don't have a /bin on the current drive? Putting the parsing of the #!
magic number in the kernel would make the kernel self-contained, and hence
less able to be totally fouled up by the half-clued or clueless.

You can never underestimate the intelligence of a user! :-)

>
>Michael
>-- 
>Internet: hohmuth@freia.inf.tu-dresden.de
>

Steve

-- 
---------------------------------------------------------------------------
Computer Systems Administrator, Dept. of Earth Sciences, Oxford University.
E-Mail: steve@uk.ac.ox.earth (JANET) steve@earth.ox.ac.uk (Internet).
Tel:- Oxford (0865) 282110 (UK) or +44 865 282110 (International).
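
The #! parsing discussed in this message, as an added example that is not part of the original thread or of any kernel's code: the interpreter path is read from the script's own first line, so nothing assumes a /bin. The names parse_shebang and SH_* are hypothetical, and rejecting relative paths, embedded NULs and unterminated lines is a choice made for this sketch.

```c
#include <stdio.h>
#include <string.h>

enum { SH_OK = 0, SH_NOT_SCRIPT = -1, SH_MALFORMED = -2 };

static int is_blank(char c) { return c == ' ' || c == '\t'; }

/* Copy [s, e) into dst as a NUL-terminated string; fail if it does not fit. */
static int copy_tok(char *dst, size_t dsz, const char *s, const char *e)
{
    size_t n = (size_t)(e - s);
    if (n >= dsz) return -1;
    memcpy(dst, s, n);
    dst[n] = '\0';
    return 0;
}

/* Parse "#!<interpreter> [single argument]" from the first bytes of a file. */
int parse_shebang(const char *buf, size_t len,
                  char *interp, size_t isz, char *arg, size_t asz)
{
    const char *p, *tok, *end;

    if (len < 2 || buf[0] != '#' || buf[1] != '!')
        return SH_NOT_SCRIPT;                 /* no magic number */
    end = memchr(buf, '\n', len);
    if (end == NULL || memchr(buf, '\0', (size_t)(end - buf)) != NULL)
        return SH_MALFORMED;                  /* unterminated line or embedded NUL */
    for (p = buf + 2; p < end && is_blank(*p); p++) ;
    if (p == end || *p != '/')
        return SH_MALFORMED;                  /* absolute path only, no PATH search */
    for (tok = p; p < end && !is_blank(*p); p++) ;
    if (copy_tok(interp, isz, tok, p) != 0) return SH_MALFORMED;
    while (p < end && is_blank(*p)) p++;      /* rest of line is one argument */
    while (end > p && is_blank(end[-1])) end--;
    return copy_tok(arg, asz, p, end) != 0 ? SH_MALFORMED : SH_OK;
}

int main(void)
{
    /* Constructed sample input using the path mentioned in the message. */
    const char *s = "#!/exec/bloggs/gruncher -x\nbody\n";
    char interp[64], arg[64];
    if (parse_shebang(s, strlen(s), interp, sizeof interp, arg, sizeof arg) == SH_OK)
        printf("interp=%s arg=%s\n", interp, arg);
    return 0;
}
```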