setuid shell scripts 
Author Message
 setuid shell scripts


I am writing some bourne shell and perl tools that will run on a sun3 and
sun4 running SunOS 4.1.1. The tools need to be setuid, so I am wrapping the
files in a C binary that is setuid and calls them.  (The wrap generator is
"setuidscript" in the perl "camel" book on page 305.)

What I would like to know is: How secure will these scripts be and are there
any obvious holes that would be good to know about?

The C wrapper calls out the script by it's exact path, so there is no chance
of the user's path being a problem.  The executables are owned by a special
user that is not root.  The scripts call emacs or vi, but both editors appear
to refuse a csh shell from starting.

I plan on converting these to regular old C is there is a significant reason
for doing so.  Hence, this posting.

All replies, war stories, etc. will be greatly appreciated.  Please reply via
email if possible and I will summarize.

        thanks and have a good day,

Wed, 02 Aug 1995 02:58:13 GMT  
 [ 1 post ] 

 Relevant Pages 

1. Setuid shell scripts not allowed

2. shell script from within a shell script

3. Calling shell scripts or shell commands from Perl

4. Scheme Shell: Shell Scripting for the 90's

5. Bourne Shell Script to Perl script converter?

6. Passing variables from Perl script to shell script

7. Shell Scripts vs. Perl Scripts

8. Perl script calling shell script failing

9. Incomplete output from crontab email: running shell scripts from a perl script

10. Can't get CGI script to execute UNIX Shell Script

11. shell script and perl script

12. Execute shell script from a perl script


Powered by phpBB® Forum Software