List: linux-kernel
Subject: Re: [RFC][PATCH] scripts with stdin replaced
From: Richard Guenther <zxmpm11 () student ! uni-tuebingen ! de>
Date: 1999-07-12 16:00:29
On Mon, 12 Jul 1999, Jamie Lokier wrote:
> Richard Guenther wrote:
> > > I don't understand. Do you have suid scripts in your boot process ?
> > > Or do you mean that you used /proc/self/fd regardless of whether the script
> > > was setuid or not ?
> >
> > Yes. I made it "dumb and generic" - passing /proc/self/fd only
> > if the script is setuid seems ok and would probably fix the problem.
>
> How about checking if procfs is mounted? This fix is done for security,
> but it's really a correctness thing and as such I'd like non-setuid
> scripts to be just as correct.

Umm, how? I will probably add an #ifdef CONFIG_PROC around the
suid stuff, but if /proc is just not mounted, it does either
fail (no such file) or err, somebody could stick a trojan horse
to /dev/fd/3? Well, root could. But root could exec the file
suid anyway.

Richard.
--
Richard Guenther <richard.guenther@student.uni-tuebingen.de>
PGP: 2E829319 - 2F 83 FC 93 E9 E4 19 E2 93 7A 32 42 45 37 23 57
WWW: http://www.anatom.uni-tuebingen.de/~richi/
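
The check debated in this message, as an added user-space C example (not part of the thread or of the patch under discussion): it confirms with statfs() that /proc is a mounted procfs and that /proc/self/fd/N resolves to the object already open on descriptor N, so a plain file planted at a path such as /dev/fd/3 is rejected. The function names are hypothetical, and opening "/" stands in for the already opened script.

```c
/* Added user-space example; not code from the patch under discussion. */
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/vfs.h>
#include <unistd.h>

#ifndef PROC_SUPER_MAGIC
#define PROC_SUPER_MAGIC 0x9fa0 /* value from <linux/magic.h> */
#endif

/* 1 if dir is the root of a mounted procfs, 0 otherwise (errors included). */
int is_procfs(const char *dir)
{
    struct statfs sfs;
    return statfs(dir, &sfs) == 0 && sfs.f_type == PROC_SUPER_MAGIC;
}

/* 1 only if <fd_dir>/<fd> resolves to the very object open on fd. */
int fd_path_names_fd(const char *fd_dir, int fd)
{
    char path[64];
    struct stat by_fd, by_path;
    int n = snprintf(path, sizeof path, "%s/%d", fd_dir, fd);
    if (n < 0 || (size_t)n >= sizeof path)
        return 0;
    if (fstat(fd, &by_fd) != 0 || stat(path, &by_path) != 0)
        return 0;
    return by_fd.st_dev == by_path.st_dev && by_fd.st_ino == by_path.st_ino;
}

/* Hypothetical helper: 1 and the fd path in out, or 0 so the caller fails closed. */
int script_arg_for_fd(int fd, char *out, size_t len)
{
    if (!is_procfs("/proc") || !fd_path_names_fd("/proc/self/fd", fd))
        return 0;
    int n = snprintf(out, len, "/proc/self/fd/%d", fd);
    return n > 0 && (size_t)n < len;
}

int main(void)
{
    char arg[64];
    int fd = open("/", O_RDONLY); /* stand-in for the already opened script */
    int ok = fd >= 0 && script_arg_for_fd(fd, arg, sizeof arg);
    puts(ok ? arg : "no trustworthy fd path; refusing");
    return !ok;
}
```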