brunner@bullhead.uucp (07/25/89)
Subject: setuid/setgid shell scripts are a security risk Index: sys/kern_exec.c IBM/4.3 Description: Setuid/setgid shell scripts have inherent problems that may be used to violate security. These problems cannot be fixed without completely revising the semantics of executable shell scripts. This patch is consistent with the patch made by Berkeley. Fix: Panel your office in asbestos, and apply the following patch to sys/kern_exec.c. *** kern_exec.c.orig Mon Jul 10 14:47:20 1989 --- kern_exec.c Mon Jul 10 14:55:16 1989 *************** *** 349,354 **** --- 349,359 ---- bcopy((caddr_t)ndp->ni_dent.d_name, (caddr_t)cfname, MAXCOMLEN); cfname[MAXCOMLEN] = '\0'; + #ifdef UCBFIX + /* This is UCBFIX 1.59, there are no other UCBFIX ifdef's in this file. */ + uid = u.u_uid; /* shell scripts can't be setuid */ + gid = u.u_gid; + #endif UCBFIX #else !VFS VN_RELE(vp); vp = (struct vnode *)0; Eric Brunner uunet!ibmsupt!brunner