Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!ames!haven!mimsy!chris
From: chris@mimsy.umd.edu (Chris Torek)
Newsgroups: comp.unix.questions
Subject: Re: Running processes as root
Message-ID: <20329@mimsy.umd.edu>
Date: 22 Oct 89 15:29:03 GMT
References: <21240@adm.BRL.MIL>
Organization: U of Maryland, Dept. of Computer Science, Coll. Pk., MD 20742
Lines: 21

>Jonathan Bayer <jbayer@ispi.uucp> writes:
>>The set-uid bit does not work for shell scripts. ...

In article <21240@adm.BRL.MIL> danl@midget.towson.edu writes:
>All of the above is quite wrong.  On all of the BSD derivatives I've used
>set-uid does work for shell scripts. ...

On all of the BSD derivatives on which setuid scripts run setuid,
all such setuid scripts are not secure.

>... you must think ahead to restrict the user to executing
>only the script you've choosen

With the existing implementations, this is not possible.  (Sorry.)
You have to write at least one C program.

It might be fixed in some future release.  It is not impossible to fix.
-- 
`They were supposed to be green.'
In-Real-Life: Chris Torek, Univ of MD Comp Sci Dept (+1 301 454 7163)
Domain:	chris@cs.umd.edu	Path:	uunet!mimsy!chris