*BSD News Article 83936


Return to BSD News archive

Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!nntp.coast.net!news2.acs.oakland.edu!condor.ic.net!news.sojourn.com!news.eecs.umich.edu!panix!feed1.news.erols.com!howland.erols.net!news.mathworks.com!fu-berlin.de!irz401!orion.sax.de!uriah.heep!news
From: j@uriah.heep.sax.de (J Wunsch)
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: Re: Serious brain damage in /bin/sh for FreeBSD 2.1.5
Date: 30 Nov 1996 16:52:07 GMT
Organization: Private BSD site, Dresden
Lines: 35
Message-ID: <57ponn$2ae@uriah.heep.sax.de>
References: <stanbE1M2D2.38I@netcom.com> <57m6f4$2dl@uriah.heep.sax.de>
  <stanbE1nxGM.M0L@netcom.com>
Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch)
NNTP-Posting-Host: localhost.heep.sax.de
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
X-Newsreader: knews 0.9.6
X-Phone: +49-351-2012 669
X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F  93 21 E0 7D F9 12 D6 4E

stanb@netcom.com (Stan Brown) wrote:

> >Good news: the /bin/sh in -current (or the 2.2 release candidate)
> >knows about ``sh -p'', which is what you're looking for.  It disables
> >sourcing $ENV.  (Meaning it's a ``privileged'' shell since it's
> >automatically turned on whenever the shell detects that its UID and
> >EUID are different.)
> 
> 	No help here. Should I go through and hunt down every system shell
> 	script and edit it to use this *feature*? Get real.

You should edit this into every system shell script that _requires_ it
anyway, i.e. everything that could be confused about things like
aliases or env variables that might be set inside the $ENV.

I will make a pass over the system-provided shell scripts and see
which one are candidates for this.  Hint: if you use any shell script
as a login shell, it's a _strong_ candidate.  Note that this -p has
been taken from the Korn shell, since it appears to be the only way to
prevent the shell from evaluating $ENV first, a feature that was badly
missing.  So, the above requirement is also true if your scripts use
the Korn shell.

Posix doesn't know different shells, it only talks about _one_ shell,
and the description makes it very obvious that they've done what they
could to make it in a way where the Korn shell fullfills all
requirements.  Hence, using the Korn shell as /bin/sh is sanctioned by
Posix.  If your scripts break by this, blame the Posix folks, not us.

-- 
cheers, J"org

joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE
Never trust an operating system you don't have sources for. ;-)