nik@b11.ingr.com (Nik Simpson) (05/16/89)
From article 277 in alt.sources >>Bryan R. Davies, AT&T Bell Labs >>IH 55314 4H-332 x3669 att!ihlpy!bdavies >> >>Finally, create a shell script (or binary) in your bin directory that >>others must execute prior to accessing your files. You can add logging >>information into a file somewhere, do menu driven stuff, or whatever. >>The trick is to do a chmod 2755 on the script. This sets the 'setgid' >>bit on the file so that the other users who execute this command have >>your effective group ID, and can access files as per the group settings >>that you have set up. >> This discussion originated in alt.sources, however comp.unix.questions seems a more appropriate forum to continue it. The suggested use of a shell script needs some clarification, using the suid bit on a shell script has no effect on the effective id of the person executing the shell. Try writing the following script echo "current id is `id`" With the following protections it still shows the id of the person running the script as being unchanged. -rwsrwsr-x 1 root stm 26 May 16 08:42 test.sh For more information on this subject can I recommend UNIX System Security Pat Wood & Stephen Kochan Hayden UNIX Books ISBN : 0-8104-6267-2 This devotes some very good coverage to the subject and includes source for a C program to overcome SUID problems with shells. |----------------------------------------------------------------------------| | Nik Simpson | | | Senior Systems Engineer | Disclaimer : | | System Technology Marketing Group | The author denies | | Intergraph UK Ltd. | any responsibility for | | ph +44-793-619999x333 (voice) | anything you disagree with | | ph +44-793-618508 (fax) | , He was on holiday at the | | UUCP : uunet!ingr!nik | time !! | |----------------------------------------------------------------------------|
guy@auspex.auspex.com (Guy Harris) (05/19/89)
> The suggested use of a shell script needs some clarification, >using the suid bit on a shell script has no effect on the effective id >of the person executing the shell. Well, it depens on what flavor of UNIX you have. *If* you have one that supports "#!" in the "exec" calls, and *if* your script begins with a "#!" line, then setting the suid bit on a shell script *does* cause the effective ID(s) of the process running the script to be set to those of the owner/group of the script - assuming the system you're running doesn't disable set-UID shell scripts in "exec", as was done by Berkeley at one point to deal with some rather nasty security holes that set-UID shell scripts open up. Maarten Litmath has written a program to let you run shell scripts set-UID which he claims doesn't have any such security holes. I assume he's right; however, you still have to be careful when writing set-UID shell scripts, just as you have to be careful when writing *any* set-UID program.
jiii@visdc.UUCP (John E Van Deusen III) (05/19/89)
Consider the situation where you have a C program with the setuid bit
set, and you have execed a shell script as follows:
(void) execl("/bin/sh", "sh", "-c", "myprog.sh", 0);
In writing myprog.sh, certain things may not work as expected.
One of the most important could be test. A construct like
test -r $FILE || exit 1
might have to be replaced with something more cumbersome.
test "`find . -name $FILE -user $EUID -perm -400 -print | \
fgrep -x ./$FILE`" || exit 1
--
John E Van Deusen III, PO Box 9283, Boise, ID 83707, (208) 343-1865
uunet!visdc!jiii