Re: Bash scripting problems

Jeff Kinz wrote:
> You should always use the absolute paths to invoke commands in any script
> run by root.  This prevents people from putting "trojans" in the path

This *shouldn't* be necessary, at least on Linux. [1]

The two rules that are necessary anyway are
 * Root's $PATH should never include any directory where non-"trusted"
   users can write.

 * Root should only ever run "trusted" scripts.

And no-one can put trojans in the path.

OK, I suppose you *can* get around Rule 1 by *always* using absolute
paths, but you do have to make sure that both interactive users and
scripts always follow that rule. This isn't the norm, and is difficult
to enforce.

You will notice that the Fedora shell scripts in /etc/ don't follow your
suggested rule...

James.

[1] Certain Unices honoured the SetUID bit on shell scripts. That meant
that an attacker could set the PATH appropriately and run the script.
The script would run as root, but inherit the attacker's PATH. So unless
the script reset PATH first, it could be running the attacker's
"versions" of standard shell commands.

There were a number of other things that needed doing, and that shell
scripts didn't always do. This is (one reason) why Linux does not honour
the SetUID bit on shell scripts.

-- 
E-mail address: james |     The other shamans laughed at Norgle's Balloon
@westexe.demon.co.uk  | Animal totem, but he'd show 'em!  He'd show 'em all!
                      |     Except maybe the Porcupine Shaman.
                      | -- Ursula Vernon

