Path: utzoo!attcan!uunet!mcvax!hp4nl!botter!star.cs.vu.nl!maart
From: maart@cs.vu.nl (Maarten Litmaath)
Newsgroups: comp.unix.wizards
Subject: Re: setuid shell scripts
Keywords: sun setuid execve
Message-ID: <1633@solo7.cs.vu.nl>
Date: 8 Nov 88 00:08:37 GMT
References: <850@cantuar.UUCP> <1627@solo8.cs.vu.nl> <563@uva.UUCP>
Reply-To: maart@cs.vu.nl (Maarten Litmaath)
Organization: VU Informatica, Amsterdam
Lines: 22

In article <563@uva.UUCP> dik@uva.UUCP (Casper H.S. Dik) writes:
\#!<shell> <full pathname of script>
\shift # throw away excess argument.
\
\should close the gap.

Very neat solution, but there's a problem: the total length of shell name +
argument should not exceed 32 chars :-(
(very C64-like indeed!)
Then there's SunOS' csh, which expects a `-b' flag to be the first argument,
instead of the full path name, when executing a setuid script.
Of course both problems could be fixed easily.
Furthermore there's the increased difficulty in maintaining setuid shell
scripts: when you move one, you mustn't forget to edit it...

\... It breaks, however, if the script can be removed/renamed by somebody
\who isn't the owner or the superuser.

Indeed, but that would be a strange situation (dumb mistake) in itself.
-- 
George Bush:                          |Maarten Litmaath @ VU Amsterdam:
             Capt. Slip of the Tongue |maart@cs.vu.nl, mcvax!botter!maart