Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.bhp.com.au!mel.dit.csiro.au!munnari.OZ.AU!news.hawaii.edu!ames!agate!howland.reston.ans.net!gatech!newsfeed.internetmci.com!in1.uu.net!zib-berlin.de!unlisys!desert!heaven7.snafu.de!usenet From: martini@heaven7.snafu.de (Martin Ibert) Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: execve() ignores shell script setuid bit Date: 27 Jan 1996 16:47:53 +0100 Organization: The Seventh Heaven, Berlin, Germany Lines: 18 Sender: martini@cumulus.sky.bln.sub.org Message-ID: <ufn379r652.fsf@cumulus.sky.bln.sub.org> References: <30FEC809.167EB0E7@lasorda.princeton.edu> <ufrawpqvi2.fsf@cumulus.sky.bln.sub.org> <DLpKsB.FF1@ritz.mordor.com> NNTP-Posting-Host: cumulus.sky.bln.sub.org Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit In-reply-to: bet@ritz.mordor.com's message of Wed, 24 Jan 1996 23:19:22 GMT X-Newsreader: Gnus v5.1 In article <DLpKsB.FF1@ritz.mordor.com> bet@ritz.mordor.com (Bennett Todd) writes: : You'll have to make an executable with a compiled language like C. You can't : use perl --- it's a #!-magic scripting language. You can. There is a special version of perl for suid scripts (suidperl) that itself is suid to root (and a "real" program). That will handle all security concerns for you And if the interpreter itself is suid (rather than the script), it should run alright. Cf.: Camel Book, "Setuid Scripts" (page 374). -- Martin Ibert, Fürstenweg 11, D-13589 Berlin-Spandau, Germany, EU | ____ Cen ____ Fon: +49-30-3753479/Fax ...3753699/Mail martini@heaven7.snafu.de | \___/ -------------------------------------------------------------------------------- "The Net interprets censorship as damage and routes around it." --- John Gilmore PGP key is available from any key server or from <http://www.snafu.de/~martini>