From linux-kernel Mon Jul 12 16:00:29 1999
From: Richard Guenther
Date: Mon, 12 Jul 1999 16:00:29 +0000
To: linux-kernel
Subject: Re: [RFC][PATCH] scripts with stdin replaced
X-MARC-Message: https://marc.info/?l=linux-kernel&m=93179886928441

On Mon, 12 Jul 1999, Jamie Lokier wrote:

> Richard Guenther wrote:
> > > I don't understand. Do you have suid scripts in your boot process ?
> > > Or do you mean that you used /proc/self/fd regardless of whether the script
> > > was setuid or not ?
> >
> > Yes. I made it "dumb and generic" - passing /proc/self/fd only
> > if the script is setuid seems ok and would probably fix the problem.
>
> How about checking if procfs is mounted? This fix is done for security,
> but it's really a correctness thing and as such I'd like non-setuid
> scripts to be just as correct.

Umm, how? I will probably add an #ifdef CONFIG_PROC around the suid
stuff, but if /proc is just not mounted, it does either fail (no such
file) or err, somebody could stick a trojan horse to /dev/fd/3?
Well, root could. But root could exec the file suid anyway.

Richard.

--
Richard Guenther
PGP: 2E829319 - 2F 83 FC 93 E9 E4 19 E2 93 7A 32 42 45 37 23 57
WWW: http://www.anatom.uni-tuebingen.de/~richi/