Path: utzoo!attcan!uunet!visdc!jiii
From: jiii@visdc.UUCP (John E Van Deusen III)
Newsgroups: comp.unix.questions
Subject: Re: SUID and Shell scripts
Summary: Special considerations for shell scripts running setuid
Message-ID: <542@visdc.UUCP>
Date: 18 May 89 23:40:29 GMT
References: <5073@b11.ingr.com>
Reply-To: jiii@visdc.UUCP (John E Van Deusen III)
Organization: VI Software Development, Boise, Idaho
Lines: 18

Consider the situation where you have a C program with the setuid bit
set, and you have execed a shell script as follows:

	(void) execl("/bin/sh", "sh", "-c", "myprog.sh", 0);

In writing myprog.sh, certain things may not work as expected.
One of the most important could be test.  A construct like

	test -r $FILE || exit 1

might have to be replaced with something more cumbersome.

	test "`find . -name $FILE -user $EUID -perm -400 -print | \
		fgrep -x ./$FILE`" || exit 1
--
John E Van Deusen III, PO Box 9283, Boise, ID  83707, (208) 343-1865

uunet!visdc!jiii