Path: utzoo!yunexus!geac!syntron!jtsv16!uunet!husc6!mailrus!iuvax!bsu-cs!dhesi
From: dhesi@bsu-cs.UUCP (Rahul Dhesi)
Newsgroups: comp.unix.wizards
Subject: Re: Secure setuid shell scripts
Message-ID: <4483@bsu-cs.UUCP>
Date: 25 Oct 88 12:03:26 GMT
Article-I.D.: bsu-cs.4483
References: <14066@iuvax.cs.indiana.edu> <4409@bsu-cs.UUCP> <14069@mimsy.UUCP> <546@sp7040.UUCP> <14139@mimsy.UUCP>
Reply-To: dhesi@bsu-cs.UUCP (Rahul Dhesi)
Organization: CS Dept, Ball St U, Muncie, Indiana
Lines: 15

The set-user-id shell script bug, they say, lies in the semantics of
the file system itself.  Very well:

In article <14139@mimsy.UUCP> chris@mimsy.UUCP (Chris Torek) adds:
>...there is a way to have set-ID scripts without having
>the kernel do it: you make the interpreter itself set-ID, and have it
>check the ID on the script.

Which naturally leads me to wonder:  The semantics of the filesystem
are presumably not dependent on whether the kernel handles set-uid
scripts or the set-uid interpreter does (or are they?).  Does the same
security hole exist when a shell, which has been made set-uid to
root, executes a set-uid script without the kernel's help?
--
Rahul Dhesi         UUCP:  !{iuvax,pur-ee}!bsu-cs!dhesi
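
Added example, not part of the original post and not code from any shell: one way a set-ID interpreter could carry out the check Torek describes, taking the mode and owner from the descriptor it has already opened (fstat) so that the file checked is the file it then reads. The function name, the caller-uid parameter and the rule refusing group- or world-writable set-ID scripts are assumptions of this example.

```c
/* Added example: hypothetical helper for a set-ID interpreter. */
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/*
 * Open the script once and decide, from the open descriptor, which uid
 * the interpreter should run it as.  Returns the descriptor the script
 * must be read from, or -1 if the file must not be run.
 *
 * caller  - real uid of the invoking user (assumed supplied by the shell)
 * run_as  - out: uid the interpreter should assume for this script
 */
int open_script_checked(const char *path, uid_t caller, uid_t *run_as)
{
    struct stat st;
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return -1;

    /* fstat() reports on the file behind fd, so the mode and owner
     * examined here belong to the same file that will be interpreted. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) {
        close(fd);
        return -1;
    }

    *run_as = caller;                   /* default: no change of identity */
    if (st.st_mode & S_ISUID) {
        /* Assumed policy: refuse a set-uid script that anyone other
         * than its owner is able to modify. */
        if (st.st_mode & (S_IWGRP | S_IWOTH)) {
            close(fd);
            return -1;
        }
        *run_as = st.st_uid;            /* honour the set-uid bit */
    }
    return fd;                          /* read the script from this fd only */
}
```

The interpreter would read commands from the returned descriptor and never reopen the script by name.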