Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Click here to return to the 'The SUID Bit' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
The SUID Bit
Authored by: Crawdad on Dec 11, '03 03:48:49PM
Think twice before setting the SUID bit for scripts (owned by root) that take arguments at the command line. Since you never know what parameters a malicious user may pass to your script. Since the script would run as root it could do great damage if misused.
Not enough. The invoker could set an environment variable which causes the script to be parsed differently by the shell. Take $IFS for example, normally containing SP TAB NEWLINE. Add a well-chosen letter to that and the script does something the author never dreamed of. Setuid shell scripts are Bad Juju. If you think you must have one, write a setuid C wrapper that cleans the environment, then does setreuid() and runs the script.

[ Reply to This | # ]