by Ed Finc » Fri, 28 Aug 1998 04:00:00
We have about 400 Unix servers, mostly Solaris systems.
On IRIX 6.2 (the SGI OS) the default is to disallow the
execution of setuid scripts. A request has been made to
enable setuid scripts on the SGIs, and I would like to
start a discussion on the pros/cons of setuid scripts
in general.
Thanks in advance,
Ed
Q: Why do PCs have a reset button on the front?
A: Because they are expected to run Microsoft operating systems.
by Arran Pric » Tue, 01 Sep 1998 04:00:00
> We have about 400 Unix servers, mostly Solaris systems.
> On IRIX 6.2 (the SGI OS) the default is to disallow the
> execution of setuid scripts. A request has been made to
> enable setuid scripts on the SGIs, and I would like to
> start a discussion on the pros/cons of setuid scripts
> in general.
> Thanks in advance,
> Ed
> Q: Why do PCs have a reset button on the front?
> A: Because they are expected to run Microsoft operating systems.
Hope that helps
Arran
My opinions are my own and do not reflect those of my employer.
by Paul Sco » Tue, 01 Sep 1998 04:00:00
>> We have about 400 Unix servers, mostly Solaris systems.
>> On IRIX 6.2 (the SGI OS) the default is to disallow the
>> execution of setuid scripts. A request has been made to
>> enable setuid scripts on the SGIs, and I would like to
>> start a discussion on the pros/cons of setuid scripts
>> in general.
>Setuid scripts can be a security problem, mainly because as a script its
mainly because ANY shell suid shell script that I can execute (even if it
only has execute permission so I can't see what it does) will allow me to
get in as the suid user.
This has been discussed a lot before. setuid scripts are really bad.
Paul Scott
by Steve Madi » Wed, 16 Sep 1998 04:00:00
: --------------3D57BF7A62C8B0AF6C6D990A
: Content-Type: text/plain; charset=us-ascii
: Content-Transfer-Encoding: 7bit
: We have about 400 Unix servers, mostly Solaris systems.
: On IRIX 6.2 (the SGI OS) the default is to disallow the
: execution of setuid scripts. A request has been made to
: enable setuid scripts on the SGIs, and I would like to
: start a discussion on the pros/cons of setuid scripts
: in general.
A setuid script, in order to work, has to be readable by the person
executing it (world-readable generally). While this doesn't allow
the person reading it to change it, it *does* give him an extremely
* view of what the script is doing. Thus if the script has any
security flaws, no matter how bizzarre or obscure, the user has the
ability to discover them by deduction. Sometimes you can be bitten
by stuff you would never expect. (For example I remember one script
that did an "eval" on an string that contained some user input. So
a user sees this and devises an input value that will cause that
eval to execute a command, for example "chmod 777 /etc/shadow".)
To solve your problem:
It is extremely dead simple to make a C program like so:
int main(...)
{
system( "commandline to run the script here" );
And compile it and make it setuid. Have it run the script. Then theQuote:}
If you need something more versitile, look into "sudo".
--
1. What are the ramifications of enabling setuid scripts?
We have 6-12 SGIs running IRIX 6.2. A request has been made
to enable setuid scripts, but the default is to not allow
them. Why is the default "off" and what are the ramifications
of enabling this?
Thanks in advance,
Ed
Q: Why do PCs have a reset button on the front?
A: Because they are expected to run Microsoft operating systems.
2. solaris 7 for intel Configuration Assistant diskette
4. ASCII Box Draw Characters...
5. Want to enable setuid scripts
6. Linux doesn't recognize dos partitition. Please help!
7. Help. What am I doing wrong with setuid?
8. setuid - can you tell me what I am doing wrong?
9. Enabling core dumps for setuid programs
10. Setuid to enable user access to traceroute
11. Need help with setuid() problems on 386/ix with setuid root program.