An SUID shell script question (?)

An SUID shell script question (?)

Post by W. Woody J » Mon, 06 Sep 1993 12:55:48



Hi.
I wrote a shell script (called 'turnin'), which I set SUID bit on.
The purpose of this shell script is that students use it for submitting
their programming assignments into my directory.

One problem is that since the effective uid becomes my uid when
a student runs the turnin script, he has to give the read permission
to others  to the files that he is going to submit.

Is there any good solution for this ?
BTW, we are using ULTRIX 4.2 system.

Thanks, in advance.

--
____   ____  ____ ______________________________________ (__) _________________

|  |   |  |__|  |  Bovinetic Algorithm Design     o=======\/  I'm  a Cow Lover.
|  |   |        |  Dept. of Computer Science    / |     ||   My wife  was born
\  |---|  |--|  |  University of Houston       *  ||w---||   in Cow year.  Mooo
 \____/|__|  |__| ________________________________^^    ^^_____________________

 
 
 

An SUID shell script question (?)

Post by W. Woody J » Tue, 07 Sep 1993 10:30:52




>>I wrote a shell script (called 'turnin'), which I set SUID bit on.
>>The purpose of this shell script is that students use it for submitting
>>their programming assignments into my directory.

>>One problem is that since the effective uid becomes my uid when
>>a student runs the turnin script, he has to give the read permission
>>to others  to the files that he is going to submit.

>    What would be wrong with creating a directory inside your home
>directory, and giving it permission 0730 to the students group?
>If the students aren't all in the same group, a setgid script should
>work, shouldn't it?
>    I just tried this by creating a directory in my root home directory
>with write permission for group user, and then copied a file in as a
>user with all read premissions set. As the owner of the file, I still
>can't read it in the write only directory.

Because I want to take control over my directories.  Besides the homeworks
submission, my shell script also handles such things like : turnin LOG,
turning off the submission,  LATE homework submission directory, ..etc.
So, I must have a complete control, which means that the students should be
able to write in my directory only in a way my shell script controls.

One non-satisfactory way, which I have been using, and which was suggested
by someone here, is to give the turnin script just executable permission,
and calls a set of SUID scripts in the turnin script.
This just works, but it is undesirable, since :
   1) first, turnin script should copy the files to /tmp/$$ and then
      give it to read permission.
      This is only for a very short time, since they are going to deleted
      after being copied to my directory, but it is a security hole, anyway.
   2) If the students are smart, they can execute only SUID scripts which
       should have been called by turnin,
      by which they can avoid the turnin's control.

Best way would be
   that uid and effective uid have the same permissions ( 8-) ).

--
____   ____  ____ ______________________________________ (__) _________________

|  |   |  |__|  |  Bovinetic Algorithm Design     o=======\/  I'm  a Cow Lover.
|  |   |        |  Dept. of Computer Science    / |     ||   My wife  was born
\  |---|  |--|  |  University of Houston       *  ||w---||   in Cow year.  Mooo
 \____/|__|  |__| ________________________________^^    ^^_____________________

 
 
 

An SUID shell script question (?)

Post by Torbj|rn Lindgr » Tue, 07 Sep 1993 07:33:43



Quote:>I wrote a shell script (called 'turnin'), which I set SUID bit on.
>The purpose of this shell script is that students use it for submitting
>their programming assignments into my directory.

SetUID scripts are BAD!! On most (probably all) systems there are at
least one bug that can be used together with a SUID script to get
access to that persons account!

On most systems there are more than one way to do this... Perl and
real programs is probably the only things that ever should get the
SUID-bit, and with both you have to take special precautions to see
that it really works (One example is the old Emacs-bug that allowed
anyone to get root-access, it's removed since long time now)...

Quote:>One problem is that since the effective uid becomes my uid when
>a student runs the turnin script, he has to give the read permission
>to others  to the files that he is going to submit.

Also possible to avoid in a real program (for example in C). The
output-file could be opened using your UID, then it could switch back
to the original UID and open the input-file.
 
 
 

An SUID shell script question (?)

Post by Stefan Monni » Tue, 07 Sep 1993 01:15:11



Quote:>Hi.
>I wrote a shell script (called 'turnin'), which I set SUID bit on.
>The purpose of this shell script is that students use it for submitting
>their programming assignments into my directory.

>One problem is that since the effective uid becomes my uid when
>a student runs the turnin script, he has to give the read permission
>to others  to the files that he is going to submit.

>Is there any good solution for this ?

As far as I can tell, the only obvious solution is to start to
processes: one running with uid=studentID and the other setuid and
make them exchange messages by some pipe. (an easy way to do this is
to pipe the interesting files through tar and then to your setuid
script that will untar the whole thing and ...

        Stefan
--

-----------------------------------------------------
-- On the average, people seem to be acting normal --
-----------------------------------------------------

 
 
 

An SUID shell script question (?)

Post by John Hende » Tue, 07 Sep 1993 07:16:19



Quote:>I wrote a shell script (called 'turnin'), which I set SUID bit on.
>The purpose of this shell script is that students use it for submitting
>their programming assignments into my directory.
>One problem is that since the effective uid becomes my uid when
>a student runs the turnin script, he has to give the read permission
>to others  to the files that he is going to submit.

    What would be wrong with creating a directory inside your home
directory, and giving it permission 0730 to the students group?
If the students aren't all in the same group, a setgid script should
work, shouldn't it?
    I just tried this by creating a directory in my root home directory
with write permission for group user, and then copied a file in as a
user with all read premissions set. As the owner of the file, I still
can't read it in the write only directory.

--
John Henders       GO/MU/E d* -p+ c+++ l++ t- m--- s/++ g+ w+++ -x+

 
 
 

1. shell script within shell script (general question)

When writing a shell script, quite often, I have to write bunch of
separate Awk/Python/etc scripts that are more than few lines.  And, of
course, I lose track of which script does what, especially if I have to
go back and forth with editor.

Is there a way to include those Awk/Python scripts inside of the main
shell script?  Essentially, I would like to write in the main shell
script,

    subfile test1 (/usr/bin/gawk -f) {
        ...
        /pattern/ {action}
        ...
    }

    subfile test2 (/usr/bin/python) {
        ...
        python stuffs
        ...
    }

instead of a file called "test1",

    #! /usr/bin/gawk -f
    ...
    /patthern/ {action}
    ...

and another file called "test2",

    #! /usr/bin/python
    ...
    python stuffs
    ...

Does anyone know which shell allows this?  If no such shell exists, then
how difficult would it be write a hook in the source?

        Yours truly,
--

Linux solution for data management and processing.

2. NETATALK in 2.2.5-RELEASE

3. How to securely execute SUID ROOT shell scripts?

4. What's the diff between SLS, MCC, Slackware, and Debian?

5. help with suid shell script not doing what it should.

6. Trouble connecting to internet

7. Suid/sgid shell scripts

8. 2 append lines in lilo.conf

9. setting root SUID for an executable shell script

10. why don't my suid root shell scripts work under Solaris 2.5?

11. suid shell scripts??

12. SUID-bit for shell-scripts

13. SUID on a shell script