Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!rochester!ritcv!jxs7451
From: jxs7451@ritcv.UUCP
Newsgroups: comp.unix.questions
Subject: Re: setuid shell scripts
Message-ID: <303@ritcv.UUCP>
Date: Sun, 30-Nov-86 22:42:43 EST
Article-I.D.: ritcv.303
Posted: Sun Nov 30 22:42:43 1986
Date-Received: Mon, 1-Dec-86 07:49:22 EST
References: <13@houligan.UUCP> <1112@decuac.DEC.COM> <1250@cit-vax.Caltech.Edu>
Reply-To: jxs7451@ritcv.UUCP (jeff)
Organization: Rochester Institute of Technology, Rochester, NY
Lines: 13

>Make that "executable", not "readable".

The problem is that for a sh or csh (not ksh i think) shell script to 
execute it has to be executable AND readable.  At least on AIX as recent
as C39C and 4.3 BSD on a 780.  I don't know the big security hole in suid
scripts are, but then again I dont think RIT would want me to know because
i am just a student.  Oh well.

J. Smith
ritcv!jxs7451

The things i say here have nothing to do with my school or my former employer,
other than the fact that I use their machines.