[triangle.wizards] Setuid shell that tests writability

abc@Matrix.COM (Alan Clegg) (07/19/90)

Yes, I know that SUID shell scripts may be hazardous to my health, but anyway...

Executing a setuid (root) script causes file tests to work
differently when run on an AViiON and when run on a Sun.  Here is the
shell script that causes the problem:

-----CUT HERE-----

# When non-SETUID (not as root), this code responds with
#		'correct operation' on both DG/UX 4.30 and SunOS 4.1

# When run BY root, it returns 'oops' on both platforms. 

# When run as SETUID root by some other uid, it returns 'correct operation'
# 	on the Sun, but 'oops' on DG/UX.

# This is cause by checking the file permissions with the effective uid, not
# the real uid.  This causes problems in SETUID scripts checking for
# writability (by the invoker) of files.

rm -f /tmp/test
touch /tmp/test
chmod 555 /tmp/test

# Show who we are (NOTE THE 'euid').


# If the file is writable, we have a problem, or are running as root.

if [ -w "/tmp/test" ] ; then
	echo "oops... /tmp/test is writable"
	echo "correct operation:  /tmp/test is NOT writable"
-----CUT HERE-----

Now, is the correct operation to do the { if [ -w ... ] } as the REAL or the
EFFECTIVE uid?  As noted, I have checked this with an AViiON and on a Sun, but
don't have root access on any other machine types....

Any opinions are welcome!

      __ _
     / // \  Matrix             Alan B. Clegg
    / //  /_  Corporation       UNIX Systems Administrator
   / //  // \                   (919) 231-8000
  / //  //   \          UUCP:   ...!mcnc!matrx!clegg	(NOTE: no i in matrx)
 / //  //     \     Internet:   clegg@matrix.com	(Note: matrix has an i)