Re: Executable shell scripts

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Bernd Petrovitsch <[email protected]> wrote:
> On Sat, 2006-05-13 at 13:03 +0200, Mark Rosenstand wrote:
> [...]
> > A more useful case is when you setuid the script (and no, this doesn't
> > need to be running as root and/or executable by all.)
> 
> Apart from the permission bug: This has been purposely disabled since it
> is way to easy to write exploitable shell or other scripts.
> Use a real programming languages, sudo or a trivial wrapper in C ....

It isn't a bug on systems that support executable shell scripts.
Doing security policy based on programming language seems weird at
best, especially when the only user able to make those decisions is the
superuser.

Obviously the security-unaware people over at the OpenBSD camp must be
completely clueless when they don't disallow the superuser to do this.
I'm looking forward to the day where I'm no longer allowed to make
changes to /etc/ld.so.conf because it's a system file.

Anyway, is it possible to enable this functionality?
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux