Path: utzoo!attcan!uunet!husc6!ukma!cwjcc!hal!ncoast!allbery
From: allbery@ncoast.UUCP (Brandon S. Allbery)
Newsgroups: comp.unix.wizards
Subject: Re: System V Release 4 ...
Message-ID: <12843@ncoast.UUCP>
Date: 18 Oct 88 17:49:58 GMT
References: <467@gould.doc.ic.ac.uk>
Reply-To: allbery@ncoast.UUCP (Brandon S. Allbery)
Followup-To: comp.unix.wizards
Organization: Cleveland Public Access UN*X, Cleveland, Oh
Lines: 20

As quoted from <467@gould.doc.ic.ac.uk> by brwk@doc.ic.ac.uk (Bevis King):
+---------------
| I interpretted the above to mean "setuid/setgid" shells can only be run
| by the default shell, and any attempt to change from that results in the
| setuid/setgid being ignored.
+---------------

Shell scripts probably -- HOPEFULLY -- cannot be suid/sgid.  ALLOWING SETUID
SHELL SCRIPTS IS A SECURITY HOLE.  It's notable that Berkeley itself has
sent out a "mandatory" BSD patch which disables setuid on "#!" executables.

On the other hand, your Sun-blinded friend is probably incurable.  [ 1/2 ;-) ]

++Brandon
-- 
Brandon S. Allbery, comp.sources.misc moderator and one admin of ncoast PA UN*X
uunet!hal.cwru.edu!ncoast!allbery  <PREFERRED!>	    ncoast!allbery@hal.cwru.edu
allbery@skybridge.sdi.cwru.edu	      <ALSO>		   allbery@uunet.uu.net
comp.sources.misc is moving off ncoast -- please do NOT send submissions direct
  (But the aliases are NOT on UUNET yet, use the aliases at backbone sites!)