Nicolas Williams wrote:
> On Wed, Jun 27, 2007 at 12:55:15AM +0200, Roland Mainz wrote:
> > Nicolas Williams wrote:
> > > On Sat, Jun 23, 2007 at 12:31:28PM -0500, Nicolas Williams wrote:
> > > > On Sat, Jun 23, 2007 at 12:18:05PM -0500, Nicolas Williams wrote:
> > > > > Couldn't wait for ZFS delegation, so I cobbled something together; see
> > > > > attachment.
> > > >
> > > > I forgot to slap on the CDDL header...
> > >
> > > And I forgot to add a -p option here:
> > >
> > > > #!/bin/ksh
> > >
> > > That should be:
> > >
> > > > #!/bin/ksh -p
> >
> > Uhm... that's no longer needed for /usr/bin/ksh in Solaris 10 and ksh93
> > never needed it.
> 
> But will ksh or ksh93 know that this script must not source $ENV?

Erm, I don't know what the correct behaviour is for Solaris ksh88... but
for ksh93 it's clearly defined that ${ENV} and /etc/ksh.kshrc are only
sourced for _interactive_ shell sessions by default - and that excludes
non-interactive scripts.

> Apparently ksh won't source it anyways; this was not clear from the man
> page.
> 
> Note that in the RBAC profile for this script the script gets run with
> privs=all, not euid=0, so checking that euid == uid is not sufficient.

What do you mean by that?

> > > Note that this script is not intended to be secure, just to keep honest
> > > people honest and from making certain mistakes.  Setuid-scripts (which
> > > this isn't quite) are difficult to make secure.
> >
> > Uhm... why ? You only have to make sure the users can't inject
> > data/code. David Korn provided some guidelines for such cases, see
> > http://mail.opensolaris.org/pipermail/shell-discuss/2007-June/000493.html
> > (mainly avoid "eval", put all variable expansions in quotes, set IFS= at
> > the beginning of the script and harden your script against unexpected
> > input (classical example is $ myscript "$(cat /usr/bin/cat)" # (e.g. the
> > attempt to pass a giant binary string as argument))) ... and I am
> > currently working on a new shell code style guideline at
> > http://www.opensolaris.org/os/project/shell/shellstyle/ with more stuff.
> 
> As you can see the script quotes user arguments throughout.  It's
> probably secure -- what I meant is that I make no guarantees about this
> script :)

Yes... I saw that... and I realised that the new ksh93 getopts, pattern
matching (e.g. [[ "${pat}" == ~(Ei).*myregex.* ]] to replace something
like [ "$(echo "${pat}" | egrep -i ".*myregex.*")" != "" ] ) and
associative arrays (e.g. use string as index instead of numbers) would
be useful for this script.

Anyway... the script looks good... I wish the script code in OS/Net
Makefiles would have that quality... ;-/

----

Bye,
Roland

-- 
  __ .  . __
 (o.\ \/ /.o) [EMAIL PROTECTED]
  \__\/\/__/  MPEG specialist, C&&JAVA&&Sun&&Unix programmer
  /O /==\ O\  TEL +49 641 7950090
 (;O/ \/ \O;)
_______________________________________________
zfs-discuss mailing list
zfs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
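
The guidelines quoted in the message above (no eval, quoted expansions, IFS= at the top, rejection of unexpected input such as a giant argument), as an added example that is not part of the original thread or of the script under discussion. `check_name`, `MAX_LEN`, the LC_ALL setting and the allowed character set are assumptions; it is written for POSIX sh so it also runs under ksh93.

```shell
#!/bin/sh
# Added example: argument validation for a wrapper that runs with extra
# privileges. check_name and MAX_LEN are hypothetical names.

IFS=              # no field splitting, per the guidelines quoted above
LC_ALL=C          # assumption: make A-Z / a-z / 0-9 mean ASCII ranges only
export LC_ALL

MAX_LEN=255       # assumed cap; use what the wrapped command really accepts

# check_name NAME
# Returns 0 only for a short name built from an allowlisted character set.
# Only shell built-ins are used: no eval, no pipeline fed with user data.
check_name() {
    [ "$#" -eq 1 ] || return 2
    name=$1
    # Reject empty and oversized input before any pattern matching.
    [ -n "$name" ] || return 1
    [ "${#name}" -le "$MAX_LEN" ] || return 1
    case $name in
        -*)                  return 1 ;;  # would be read as an option
        /* | */ | *//*)      return 1 ;;  # empty path component
        *[!A-Za-z0-9_.:/-]*) return 1 ;;  # outside the allowlist
    esac
    return 0
}

# Constructed sample inputs: one well-formed name, then shell
# metacharacters, an option look-alike and an oversized string.
big=$(printf '%0300d' 0)
for sample in 'tank/home/nico' 'tank/home; id' '$(id)' '-r' "$big"
do
    if check_name "$sample"; then
        verdict=accept
    else
        verdict=reject
    fi
    # Quoted expansion keeps the sample a single word whatever it contains.
    printf '%s: %.40s\n' "$verdict" "$sample"
done
```
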
