Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!husc6!sri-unix!sri-spam!ames!amdahl!oliveb!sun!gorodish!guy
From: guy%gorodish@Sun.COM (Guy Harris)
Newsgroups: comp.unix.wizards
Subject: Re: device file non-protection - and suid scripts
Message-ID: <30574@sun.uucp>
Date: Sun, 11-Oct-87 07:49:39 EDT
Article-I.D.: sun.30574
Posted: Sun Oct 11 07:49:39 1987
Date-Received: Mon, 12-Oct-87 21:49:37 EDT
References: <9615@brl-adm.ARPA> <7525@steinmetz.steinmetz.UUCP> <4832@ncoast.UUCP>
Sender: news@sun.uucp
Lines: 17

> ...please note that it's only BSD and derivatives that have this bug.  The
> reason?  Non-BSD systems don't _allow_ suid shell scripts.

No, I think Masscomp's system, which I think they claim to be a System V with
BSD stuff added rather than a BSD system with System V stuff added (not that
the distinction between the two has any significance other than a religious
one), also supports "#!", and thus probably supports set-UID scripts.

> Seems a lot safer to me....

Well, maybe, although removing that feature would be a bit of an airbag
installation; nobody's forcing people at gunpoint to put set-UID shell scripts
in, so it's quite possible to be safe (in this regard) on systems that permit
set-UID shell scripts.
	Guy Harris
	{ihnp4, decvax, seismo, decwrl, ...}!sun!guy
	guy@sun.com