suid : perl, ksh...

Post by Mike » Wed, 28 Jul 1999 04:00:00



I'm a bit curious about suid scripts.  As I understand it, perl allows suid
scripts so long as you respecify the PATH environmental variable (or -U).  For
example, say I think elm isn't a good mail program so I write the following
that allows any user to kill off all elm processes :

#!/usr/local/bin/perl

$ENV{PATH} = '/usr/bin/';
`killall elm`;

Now, if some elm user got upset with me, I don't see any way he/she could
obtain revenge by way of this script.  Yes, this program is probably too
simplistic.  I'm wondering what situation might allow a user to do
something that he shouldn't be allowed to do. [Assuming ARGV[x] isn't allowed -
as I believe is the case without -U]

Furthermore, as I understand it ksh and bash don't allow suid.  Why is this,
can't a scheme like perl uses (with a mandatory redefinition of PATH required)
be implemented?  Or is this still considered insecure?

--
Mike G.

Post by Dave Grantie » Wed, 28 Jul 1999 04:00:00



> Furthermore, as I understand it ksh and bash don't allow suid.  Why is this,

I don't (or didn't) know that this was true.  In fact, if it were, it
would be easy enough to create a #!/bin/sh wrapper script which could,
in turn, call your suid script.

More often, the mount command can be issued in such a way as to prevent
suid scripts (not binaries) from being executed suid.  That way, when a
file system is mounted to disallow suid, an ordinary user can neither
execute suid scripts nor can he/she umount and remount with the suid
option.

This is as I understand it. (I'm not saying this is gospel, though)

Cheers,
Dave

ps, For your killall script, you're probably right...I doubt the users
could get back at you.  However, other things (file manipulations come
to mind), you should be careful that your logic is bulletproof to clever
ideas like creating symlinks in home directories to /etc/passwd,
/.rhosts, /etc/hosts.equiv, etc.  Sometimes, ownership or permissions
can be altered (surprisingly) with spectacular results.
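
An added example, not part of either post: one way a privileged Perl script can guard the kind of file manipulation Dave's postscript warns about, by refusing symlinks and hard links before it writes. The helper name open_user_file and the scratch files are hypothetical and constructed for the demonstration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Fcntl qw(:DEFAULT :mode);
use File::Temp qw(tempdir);

# Hypothetical helper: open $path for appending only if it is a regular,
# singly linked file owned by $uid. O_NOFOLLOW makes the kernel refuse a
# symlink as the final path component; the checks run on the open handle,
# so the name cannot be swapped between the check and the use.
# It does not protect against symlinked parent directories.
sub open_user_file {
    my ($path, $uid) = @_;
    sysopen(my $fh, $path, O_WRONLY | O_APPEND | O_NOFOLLOW)
        or return (undef, "open refused: $!");
    my @st = stat($fh);
    return (undef, "stat failed: $!")    unless @st;
    return (undef, "not a regular file") unless S_ISREG($st[2]);
    return (undef, "wrong owner")        unless $st[4] == $uid;
    return (undef, "extra hard links")   unless $st[3] == 1;
    return ($fh, "ok");
}

# Constructed demo in a scratch directory; "target" stands in for a file
# such as /etc/passwd that the privileged script must never touch.
my $dir = tempdir(CLEANUP => 1);
for my $name (qw(target note)) {
    open(my $out, '>', "$dir/$name") or die "create $name: $!";
    close($out);
}
symlink("$dir/target", "$dir/link") or die "symlink: $!";
link("$dir/target", "$dir/hard")    or die "link: $!";

for my $name (qw(note link hard)) {
    my ($fh, $why) = open_user_file("$dir/$name", $>);
    print "$name: $why\n";
    if ($fh) {
        print {$fh} "appended by the privileged script\n";
        close($fh);
    }
}
```

In a real suid script the $uid argument would be the invoking user's real UID ($<) rather than the effective UID used in this demo.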
