Path: sserve!manuel.anu.edu.au!munnari.oz.au!sgiblab!sdd.hp.com!cs.utexas.edu!usc!sol.ctr.columbia.edu!caen!uunet!mcsun!sun4nl!tuegate.tue.nl!svin09!wzv!gvr.win.tue.nl!guido
From: guido@gvr.win.tue.nl (Guido van Rooij)
Newsgroups: comp.unix.bsd
Subject: [386bsd] Fix for kern_execve to allow suid/sgid shellscipts
Message-ID: <4165@wzv.win.tue.nl>
Date: 3 Dec 92 20:36:11 GMT
Sender: news@wzv.win.tue.nl
Organization: Guido's home 486 box
Lines: 75

I noticed that suid/sgid shellscripts don't work with the current kern_execve.c. I made a quick hack to do so. Whenever a shellscript is found, the shell inherits the uid/gid (if one of the sbits was set of course). It's a quick hack as I said, but it works (so it seems ;-))

Comments are welcome. The diff is made with the patchkit (1 to 58) installed.

-Guido

---------------
*** kern_execve.c Thu Dec 3 21:33:22 1992 --- kern_execve.c~ Fri Oct 16 11:07:51 1992 *************** *** 114,124 **** struct exec ex_hdr; } exdata; int indir = 0; - /* Implement set userid/groupid for shell scripts as well, - * - * G. van Rooij, 3 dec 1992 - */ - int inh_suid = 0, inh_sgid = 0, inh_va_uid,inh_va_gid; /* * Step 1. Lookup filename to see if we have something to execute. --- 114,119 ---- *************** *** 153,175 **** goto exec_fail; } - /* Implement set userid/groupid for shell scripts as well, - * - * G. van Rooij, 3 dec 1992 - */ - if(indir) { - /* Force the attributes to the saved ones of the shell (if the shell was - * suid/guid of course.. - */ - if(inh_suid) { - attr.va_uid = inh_va_uid; - attr.va_mode |= VSUID; - } - if(inh_sgid) { - attr.va_gid = inh_va_gid; - attr.va_mode |= VSGID; - } - } /* * Step 2. Does the file contain a format we can * understand and execute --- 148,153 ---- *************** *** 227,244 **** ndp->ni_dirp = shellname; /* find shell interpreter */ ndp->ni_segflg = UIO_SYSSPACE; - /* Implement set userid/groupid for shell scripts as well, - * - * G. 
van Rooij, 3 dec 1992 - */ - if (attr.va_mode&VSUID) { - inh_suid = 1; - inh_va_uid=attr.va_uid; - } - if (attr.va_mode&VSGID) { - inh_sgid = 1; - inh_va_gid=attr.va_gid; - } goto again; } --- 205,210 ----
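
Review bot: The diff is reversed, which shows from the first hunk (114,124) onward: the file headers put the modified kern_execve.c (Thu Dec 3) on the old side and the backup kern_execve.c~ (Fri Oct 16) on the new side, so the inh_suid/inh_sgid declarations and every other line of the change are marked "-". Applied as posted it would take the feature out rather than put it in; regenerate it as diff -c kern_execve.c~ kern_execve.c, or state that it has to be applied with patch -R. In the same hunk, inh_va_uid and inh_va_gid are plain int; giving them the types of attr.va_uid and attr.va_gid would avoid an implicit conversion when they are copied back.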
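
Review bot: In the if(indir) block of the second hunk (153,175), the comment says the attributes are forced to "the saved ones of the shell (if the shell was suid/guid", but inh_va_uid and inh_va_gid are captured from the script, not the shell, in the hunk at 227, and "guid" should read sgid. The block also assigns attr.va_uid and attr.va_gid without looking at the interpreter's own mode bits, so an interpreter that is itself set-id to a different owner has that identity replaced by the script's. Say in the comment which of the two is meant to win, or skip the override when the interpreter already carries VSUID or VSGID.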
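
Review bot: The VSUID/VSGID tests in the third hunk (227,244) snapshot the script's owner and mode immediately before goto again, and the lookup then restarts on shellname; nothing in the patch ties the credentials handed to the interpreter to the file whose bits were inspected. If the interpreter then opens the script by pathname, as #! interpreters normally do, the file it reads need not be the one that was checked, which is the check-then-use gap that makes set-id scripts unsafe. Consider passing the interpreter an already open descriptor for the script, or keeping this behaviour behind a kernel option that is off by default. Minor: the attribution comment is repeated in all three hunks, and attr.va_mode&VSUID and inh_va_uid=attr.va_uid lack the spacing used in the surrounding code.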