Pointer to WWW site for "safe SUID code" guidelines/examples?

Pointer to WWW site for "safe SUID code" guidelines/examples?

Post by Angelo A. Kee » Thu, 11 Aug 1994 22:26:18



I know that the subject is an oxymoron, but can someone give
me a pointer to any WWW site that may have information on
how to write "safe" (such as it is ;^) ) SUID code?

This is in C, not for a shell script.  What I'm thinking of doing is
creating an account
between two machines whose password will be automatically generated -
the SUID code
would be so  that  .rhost 'ing could be restricted to a single account
where a C wrapper
is used to expressly limit what can be done on that remote machine.

For example - I have a set of scripts that I want users to be able to
run on the remote machine,
but  I don't want them to be able to just  log  in and run these scripts
whenever they want to,
or to have a lot of .rhost files around the system.  So  they could call
the SUID wrapper which
would be SUID to a remote account that is .rhost'ed to itself only.
This wrapper could add
any level of additional checking/restriction to the individual user or
sets of users, depending
upon what I want them to be able to do.

Due to certain other restrictions, I am trying to accomplish this via
using only "rsh/remsh/rcmd"
between the systems, while limiting the extent of the access of a single
user as much as
possible.  I've got a SUID  C program which  appears to do what I want,
but now I need to
make it as "safe" as possible.  I've set the environment/path inside the
executable, but I can't
remember other holes that need plugging.

Thanks for any advice.

Angelo A. Keene
Lead Engineer - Software
Harris Information Systems Division
Melbourne Florida, USA 32901

different than reply addr!