Re: High ranking lusers
Henry Hertz Hobbit (hhhobbit icarus.weber.edu)
Sat, 18 Apr 1998 16:17:23 -0600 (MDT)
On Thu, 16 Apr 1998 carson tla.org wrote:

>> Little Boss: The Big Boss wants a shell script to be setuid root.
>
> 2) Setuid shell scripts (at least /bin/sh ones) are secure in many modern
> operating systems, such as Solaris 2.x, thanks to /dev/fd

No, they aren't secure, at least as a general rule. You can't easily
change what a binary does without actually replacing the binary.
With a shell script, all kinds of possibilities exist. If you can
exit to a shell, the possibility of gaining unauthorized root access
exists. Trojan statements can be inserted in the shell file to cause
damage. What does the floppy device have to do with anything???

> 3) If (1) and (2) fail to make you modify your policy, you can always
> make him code a setuid wrapper in C, instead of shell.

This is *much* more preferable. Depends on the size of the shell
script, but do *NOT* have any system() functions in the code since
this is almost as bad as a shell file. If you can somehow shell out
(or invoke a shell from the program), you are again gaining root
access.

HHH
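
The setuid wrapper in C discussed in this message, written here as an added example (it is not code from either poster): it runs one fixed program through execve() with a fixed environment and never calls system() or a shell. The target path and the function names are hypothetical, and the directories leading to the target are assumed to be root-owned and not writable by others.

```c
/* Added example: setuid-root wrapper that never invokes a shell. */
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical fixed target; a real wrapper hard-codes its own path. */
#define TARGET "/usr/local/sbin/rotate-logs"

/* Fixed environment: nothing is inherited from the caller (PATH, IFS, LD_*). */
static char *const clean_env[] = { "PATH=/usr/bin:/bin", "IFS= \t\n", NULL };

/* Return 1 only if path is absolute, a regular file, owned by root,
 * and not writable by group or others; 0 otherwise. */
int target_is_safe(const char *path)
{
    struct stat st;

    if (path == NULL || path[0] != '/')
        return 0;
    if (stat(path, &st) != 0)            /* follows symlinks: checks the final file */
        return 0;
    if (!S_ISREG(st.st_mode) || st.st_uid != 0)
        return 0;
    if (st.st_mode & (S_IWGRP | S_IWOTH))
        return 0;
    return 1;
}

/* Number of variables the target will see in its environment. */
int clean_env_count(void)
{
    int n = 0;

    while (clean_env[n] != NULL)
        n++;
    return n;
}

int main(void)
{
    char *const args[] = { TARGET, NULL };   /* the caller's argv is ignored */

    if (!target_is_safe(TARGET)) {
        fprintf(stderr, "refusing to run %s\n", TARGET);
        return 1;
    }
    execve(TARGET, args, clean_env);         /* no system(), popen() or /bin/sh */
    perror("execve");                        /* reached only if execve failed */
    return 1;
}
```
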
This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:10:47 CDT