Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!msunews!agate!howland.reston.ans.net!newsfeed.internetmci.com!news.mathworks.com!uunet!in1.uu.net!svc.portal.com!news1.best.com!shellx.best.com!blob.best.net!not-for-mail
From: dillon@best.com (Matt Dillon)
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: Re: execve() ignores shell script setuid bit
Date: 2 Feb 1996 20:22:45 -0800
Organization: Best Internet Communications, Inc. (info@best.com)
Lines: 20
Distribution: world
Message-ID: <4eunul$ggn@blob.best.net>
References: <30FEC809.167EB0E7@lasorda.princeton.edu> <ufrawpqvi2.fsf@cumulus.sky.bln.sub.org> <DLpKsB.FF1@ritz.mordor.com> <ufn379r652.fsf@cumulus.sky.bln.sub.org>
NNTP-Posting-Host: blob.best.net
:In article <ufn379r652.fsf@cumulus.sky.bln.sub.org>,
:Martin Ibert <martini@heaven7.snafu.de> wrote:
:>In article <DLpKsB.FF1@ritz.mordor.com> bet@ritz.mordor.com (Bennett Todd) writes:
:>
:>: You'll have to make an executable with a compiled language like C. You can't
:>: use perl --- it's a #!-magic scripting language.
:>
:>You can. There is a special version of perl for suid scripts
:>(suidperl) that itself is suid to root (and a "real" program). That
:>will handle all security concerns for you And if the
:>interpreter itself is suid (rather than the script), it should run alright.
The only problem is that suidperl is too dangerous to install. That
is, unless you *want* someone to hack root on your machine...
-Matt
--
Matthew Dillon Engineering, BEST Internet Communications, Inc.
<dillon@best.net>
[always include a portion of the original email in any response!]