Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932391AbWEMMCI (ORCPT ); Sat, 13 May 2006 08:02:08 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S932399AbWEMMCH (ORCPT ); Sat, 13 May 2006 08:02:07 -0400 Received: from ns.firmix.at ([62.141.48.66]:62654 "EHLO ns.firmix.at") by vger.kernel.org with ESMTP id S932391AbWEMMCG (ORCPT ); Sat, 13 May 2006 08:02:06 -0400 Subject: Re: Executable shell scripts From: Bernd Petrovitsch To: Mark Rosenstand Cc: arjan@infradead.org, linux-kernel@vger.kernel.org In-Reply-To: <20060513114509.3A90D146AF@hunin.borkware.net> References: <20060513103841.B6683146AF@hunin.borkware.net> <1147517786.3217.0.camel@laptopd505.fenrus.org> <20060513110324.10A38146AF@hunin.borkware.net> <1147519329.3084.20.camel@gimli.at.home> <20060513114509.3A90D146AF@hunin.borkware.net> Content-Type: text/plain Organization: http://www.firmix.at/ Date: Sat, 13 May 2006 13:56:03 +0200 Message-Id: <1147521363.3084.34.camel@gimli.at.home> Mime-Version: 1.0 X-Mailer: Evolution 2.6.1 (2.6.1-1.fc5.2) Content-Transfer-Encoding: 7bit X-Spam-Score: -2.187 () AWL,BAYES_00,FORGED_RCVD_HELO Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1891 Lines: 49 On Sat, 2006-05-13 at 13:45 +0200, Mark Rosenstand wrote: > Bernd Petrovitsch wrote: > > On Sat, 2006-05-13 at 13:03 +0200, Mark Rosenstand wrote: > > [...] > > > A more useful case is when you setuid the script (and no, this doesn't > > > need to be running as root and/or executable by all.) > > > > Apart from the permission bug: This has been purposely disabled since it > > is way to easy to write exploitable shell or other scripts. > > Use a real programming languages, sudo or a trivial wrapper in C .... s/languages/language/ And I forgot to mention that a kernel patch is another possibility. > It isn't a bug on systems that support executable shell scripts. I never wrote that (or anything which implies that directly). > Doing security policy based on programming language seems weird at > best, especially when the only user able to make those decisions is the > superuser. It boils down to "how easy is it for root to shoot in the foot"? And the workarounds are somewhere between trivial and simple. > Obviously the security-unaware people over at the OpenBSD camp must be > completely clueless when they don't disallow the superuser to do this. Of course this doesn't change the level of security but it plays with the risk .... > I'm looking forward to the day where I'm no longer allowed to make > changes to /etc/ld.so.conf because it's a system file. > > Anyway, is it possible to enable this functionality? Yes. Bernd -- Firmix Software GmbH http://www.firmix.at/ mobil: +43 664 4416156 fax: +43 1 7890849-55 Embedded Linux Development and Services - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/