DarkSoul wrote:
Anthony Pankov wrote:
SGID/SUID bits don't work with shell scripts, do they?
And no mention in chmod(1,2) manual.
They don't.
One reason for this is that, if they were applied, the following would
occur:
- execve() syscall reads your script's shebang line, and the script
interpreter is executed, receiving the specified arguments along with
the script name.
- The interpreter then open()s the script file to read it, and runs the code.
The problem you are then faced with is that you have a time frame
defined by the moment between the aforementioned execve() and open(),
during which it could be possible to unlink/move/whatever the shell
script the interpreter is going to open.
You guess where this is going, you have no absolute way of guaranteeing
you are executing the file you initially planned on opening because
execution/opening/reading is not, and can't be done atomically for shell
scripts.
Hmm...
Presumably, the biggest concern is with scripts owned by root. Who can
unlink, move or change the script? The owner and his group can change
it; the directory owner can unlink it. It looks like the targeted
problem is if a root creates a script in a user-owned directory and then
makes it suid. It looks more like a PEBKAC than a system problem - is it
really so serious there is no sysctl to disable the check?
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
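
Added example, not part of the original messages: the window discussed in the thread exists because execve() and the interpreter's later open() each resolve the script's path name separately. The C code below opens the script once, validates the opened object with fstat(), and passes the interpreter the descriptor as /dev/fd/N so the name is never resolved a second time. The function names, the ownership policy, /bin/sh and the presence of a /dev/fd filesystem are assumptions made for this example.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Open the script once and validate the opened object itself.
 * Returns a descriptor, or -1 if the file is not acceptable.
 * `owner` is the uid the script must belong to (caller's policy, assumed). */
int open_verified_script(const char *path, uid_t owner)
{
    struct stat st;
    int fd = open(path, O_RDONLY | O_NOFOLLOW); /* refuse a symlink as last component */
    if (fd < 0)
        return -1;
    if (fstat(fd, &st) != 0 ||                  /* fstat inspects the open file, not the name */
        !S_ISREG(st.st_mode) ||
        st.st_uid != owner ||
        (st.st_mode & (S_IWGRP | S_IWOTH))) {   /* nobody else may rewrite the contents */
        close(fd);
        return -1;
    }
    return fd;
}

/* 1 if `path` currently names the same file that `fd` refers to, else 0.
 * Shows why a check made on the name says nothing about a later open(). */
int name_still_matches(int fd, const char *path)
{
    struct stat a, b;
    if (fstat(fd, &a) != 0 || lstat(path, &b) != 0)
        return 0;
    return a.st_dev == b.st_dev && a.st_ino == b.st_ino;
}

/* Hand the already verified descriptor to the interpreter so it never
 * resolves the path again. Assumes /bin/sh and /dev/fd (see lead-in). */
int run_verified(int fd)
{
    char ref[32];
    snprintf(ref, sizeof ref, "/dev/fd/%d", fd);
    char *const argv[] = { "sh", ref, NULL };
    char *const envp[] = { "PATH=/bin:/usr/bin", NULL };
    execve("/bin/sh", argv, envp);
    return -1;                                  /* reached only if execve failed */
}
```

The descriptor keeps referring to the file that was checked even if the name is later renamed over or unlinked, which is the property a path-based check cannot give.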