Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!uunet!tut.cis.ohio-state.edu!ucbvax!hplabs!otter!hpubrcf!ken
From: ken@hpubrcf.HP.COM (Ken Green)
Newsgroups: comp.sys.hp
Subject: Re: How can I give users root-like privs. w/o the passwd ?
Message-ID: <120006@hpubrcf.HP.COM>
Date: 28 Dec 89 16:11:45 GMT
References: <2643@umbc3.UMBC.EDU>
Organization: HP UK Response Center
Lines: 16

> 3) /bin/sh (the program that runs your shell scripts) is a fairly
> large and complicated program. this leaves lots of subtle things
> that the bad guys can use to break your scripts. as an example, i
> believe on some systems, if you invoke the shell script via a C
> program with the "exec" command and add a minus sign to the
> beginning of the shell script name, it will always execute the
> user's .profile. and since the bad guys can usually write to their
> .profiles, they can do anything they want...
>

You don't even need to go to the trouble of writing a C program; there
are much simpler ways to get any shell script to execute your .profile.

Please don't write any set UID root owned shell scripts if you want to
have any security on your system. It doesn't take much to write the code
in C and avoid all the security holes.
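
The approach the post recommends, as an added example that is not part of the original post or any HP code: a small set-UID C wrapper that runs one fixed task with a fixed argv[0], a fixed environment and a validated argument, so no shell and no .profile is involved. The target path and program name are hypothetical.

```c
/* Added example: fixed-purpose set-UID wrapper used instead of a set-UID
 * shell script. TARGET is a hypothetical helper binary. */
#include <stdio.h>
#include <string.h>
#include <ctype.h>
#include <unistd.h>

#define TARGET "/usr/local/sbin/restart-spooler"  /* hypothetical path */

/* Fixed environment: nothing from the caller (PATH, IFS, HOME, ENV) survives. */
static char *const SAFE_ENV[] = { "PATH=/bin:/usr/bin", "IFS= \t\n", NULL };

char *const *clean_env(void) { return SAFE_ENV; }

/* Accept one short name made of [A-Za-z0-9_.-] that does not start with
 * '-' or '.', so it cannot be read as an option or carry shell syntax. */
int valid_name(const char *s)
{
    size_t i, n;
    if (s == NULL) return 0;
    n = strlen(s);
    if (n == 0 || n > 32 || s[0] == '-' || s[0] == '.') return 0;
    for (i = 0; i < n; i++) {
        unsigned char c = (unsigned char)s[i];
        if (!isalnum(c) && c != '_' && c != '.' && c != '-') return 0;
    }
    return 1;
}

int main(int argc, char **argv)
{
    char *args[3];
    if (argc != 2 || !valid_name(argv[1])) {
        fprintf(stderr, "usage: wrapper <name>\n");
        return 2;
    }
    /* Set real ids to the effective ids so the target does not run with
     * mixed real/effective identities. */
    if (setgid(getegid()) != 0 || setuid(geteuid()) != 0) {
        perror("setuid");
        return 1;
    }
    args[0] = "restart-spooler";  /* fixed argv[0], never caller-supplied */
    args[1] = argv[1];
    args[2] = NULL;
    execve(TARGET, args, clean_env());  /* direct exec: no shell is involved */
    perror("execve");
    return 1;
}
```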