lindsay@gitpyr.gatech.EDU (LINDSAY H. MORRIS) (11/19/86)
If you make a shell script executable, can you then use the setuid bit in the usual way? Or does setuid only work on executable objects?
mark@ece-csc.UUCP (11/22/86)
In article <2668@gitpyr.gatech.EDU> lindsay@gitpyr.gatech.EDU (LINDSAY H. MORRIS) writes: >If you make a shell script executable, can you then use the setuid bit in the >usual way? Or does setuid only work on executable objects? It works under Ultrix 1.2. I'm not positive, but I *think* that I had some problem with programs run from the script not inheriting the set-uid priviledges, ie, I once had something like: file "test": #!/bin/csh a.out other commands.... Assume "test" was owned by "root" and had set-uid bits on, and "a.out" was owned by something other than root. then, running "test" did not run "a.out" with root's priviledges. I won't swear to this though, since at the time I ran into the problem I found some other way to deal with things and never really did look into the matter thoroughly. (sorry). -- Mark --
henry@utzoo.UUCP (Henry Spencer) (11/25/86)
Given kernel support (4BSD, V8, maybe SysV) and a "#! /bin/sh" (etc) line at the front, you can write setuid shell scripts. They open up security problems that can only be described as "disastrous", though. If you have any concern for security at all, setuid shell scripts are a serious mistake. -- Henry Spencer @ U of Toronto Zoology {allegra,ihnp4,decvax,pyramid}!utzoo!henry