OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Bugtraq archives for 4th quarter (Oct-Dec) 1994: Re: Setuid programs run from shell scripts?

Re: Setuid programs run from shell scripts?

Fred Blonder (frednasirc.hq.nasa.gov)
Thu, 17 Nov 1994 11:11:17 -0500

	From: Julian Assange <proffsuburbia.apana.org.au>

		.
		.
		.

	Of course, to make things really interesting, we could have n files, 
	comprised of n-1 setuid/setgid scripts and 1 setuid/setgid binary, with 
	each script calling the next as its #! argument and the last calling the 
	binary. ;-)

The '#!' exec-hack does not work recursively.  I just tried it under SunOs 4.1.3
It generated no diagnostics and exited with status 0, but it also didn't execute
the target binary.

I suppose that fact that it didn't barf with an ENOEXEC or similar error
qualifies as a bug.