Sv.2 suid bits
Guy Harris
guy at sun.uucp
Fri Nov 29 07:09:54 AEST 1985
> > On SV.2 (3b2, pc7300 (Safari)) suid bits do not work on shell scripts. Am
> > I just silly or don't I remember them working on 2 other UN*X-ish (TNIX,
> > XENIX) environments?
>
> Suid bits on shell scripts don't work on any machine I have ever used.
> This includes PDP-11/70, Vax, 3b20, U370, PC7300. It is frustrating,
> but I have wound up making up a little C program which execs the shell.
> The C program has the suid bit set...
Set-UID bits don't work on shell scripts, in general, because for them to
work the shell'd have to be running set-UID. If you're running a shell as
yourself, and it tries to run a shell script which is set-UID to "root", how
would it be able to get "root"s privileges? And if *it* could get root
privileges, what would prvent some program you wrote like
main()
{
system("rm -rf /");
}
from getting them as well?
In some systems (4.1BSD, 4.2BSD, Version 8, and some others which have added
this feature - originally concocted by Dennis Ritchie), you can have the
kernel detect a shell script and run a shell (or other interpreter) on that
script. In this case, you *can* have set-UID shell scripts; the kernel is
trusted code (yuk yuk) and can give the shell it's firing off to run the
set-UID script the appropriate privileges. However, there is a horrible
security hole in this; I think there's a fix, but I don't know if it closes
all the holes, and it involves changing any and all shells and other
interpreters - a minor change, but still a change, and you need source to
change it. So don't set up set-UID shell scripts if you don't trust your
user population.
Guy Harris
More information about the Net.bugs.usg
mailing list