Path: utzoo!utgpu!news-server.csri.toronto.edu!mailrus!uunet!auspex!guy
From: guy@auspex.auspex.com (Guy Harris)
Newsgroups: comp.unix.wizards
Subject: Re: setuid?
Message-ID: <3325@auspex.auspex.com>
Date: 9 May 90 18:01:20 GMT
References: <11410@cbmvax.commodore.com> <3320@auspex.auspex.com> <11440@cbmvax.commodore.com>
Organization: Auspex Systems, Santa Clara
Lines: 27

>My mistake--a correction: System V Release 4.0 does support set-uid
>shell scripts if the !# notion is used. I've tried this with the
>bourne and korn shells.

It should work with the C shell as well, although since the C shell is
derived from the 4.3BSD one, you have to put the "-b" flag in the "#!"
line. You should, of course, put the "-" flag in the "#!" line for the
Bourne or Korn shells (unless you *like* security holes).

Of course, you should also make sure you set IFS and PATH very early on
in the script (or "path" if the C shell). There are probably various
other things you should do in order to make a less-insecure set-UID
shell script. I don't know whether it's possible to make a secure
set-UID shell script or not; people have probably thought so in the
past, and been rudely surprised....

>Support code for SVVS:
>{int fd=open("/dev/zero",0);mmap(0,0x800,1,0x11,fd,0);close(fd);}

Oh, dear. Won't people - people writing the SVVS, in particular - *EVER*
learn to stop dereferencing null pointers? Sigh....

(For the benefit of those not familiar with "mmap()" or "/dev/zero", the
above sequence of code amounts to "stuff a 2K zero-fill-on-demand
read-only page at location zero", for the benefit of stupid code that
doesn't check for NULL pointers.)
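
The checklist from the post above (the "-" or "-b" flag on the "#!" line, PATH and IFS set early), written as a lint check. This is an added example, not part of the original post: the function name `check_setuid_script`, the sample scripts and the strict reading of "very early" (before any other command) are assumptions of the example.

```shell
#!/bin/sh
# Added example: lint a script intended to run set-UID against the post's
# checklist. Assumption: "very early" means before any other command.
check_setuid_script() {
    css_file=$1 css_n=0 css_bad=0 css_path=no css_ifs=no
    while IFS= read -r css_line || [ -n "$css_line" ]; do
        css_n=$((css_n + 1))
        if [ "$css_n" -eq 1 ]; then
            case $css_line in
                '#!'*/csh' -'*b*) css_ifs=n/a ;;            # C shell with "-b"
                '#!'*/csh*) css_ifs=n/a                     # csh has no IFS
                    echo "$css_file: C shell needs \"-b\" on the #! line"; css_bad=1 ;;
                '#!'*/sh' -' | '#!'*/ksh' -') ;;            # Bourne/Korn with "-"
                '#!'*/sh* | '#!'*/ksh*)
                    echo "$css_file: needs \"-\" on the #! line"; css_bad=1 ;;
                *) echo "$css_file: not a #! script for sh, ksh or csh"; return 2 ;;
            esac
            continue
        fi
        css_line=${css_line#"${css_line%%[![:space:]]*}"}   # drop leading blanks
        case $css_line in
            '' | '#'*) ;;                                   # blank or comment
            PATH=* | 'set path'*) css_path=yes ;;
            IFS=*) css_ifs=yes ;;
            'export PATH' | 'export IFS') ;;                # export only, keep scanning
            *) break ;;                                     # first other command
        esac
    done < "$css_file"
    [ "$css_path" != no ] || { echo "$css_file: PATH/path not set before first command"; css_bad=1; }
    [ "$css_ifs" != no ] || { echo "$css_file: IFS not set before first command"; css_bad=1; }
    return "$css_bad"
}

# Constructed sample scripts (not from the post).
css_tmp=$(mktemp -d)
printf '%s\n' '#!/bin/sh -' "IFS=' '" 'PATH=/bin:/usr/bin; export PATH' 'id' > "$css_tmp/good"
printf '%s\n' '#!/bin/sh' 'echo start' 'PATH=/bin:/usr/bin' > "$css_tmp/bad"
check_setuid_script "$css_tmp/good" && echo "good: no findings"
check_setuid_script "$css_tmp/bad" || echo "bad: see findings above"
```

A clean result only means the points named in the post are present; it does not show that the script is safe to run set-UID.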