Subject: Re: SetUID scripts
To: Greg Hudson <ghudson@mit.edu>
From: Chris G Demetriou <Chris_G_Demetriou@ux2.sp.cs.cmu.edu>
List: netbsd-help
Date: 07/03/1996 17:45:19
> Even with this hole closed,
> individual interpreters may have a host of inherent security issues
> (like /bin/sh and IFS), so setuid scripts will probably never be a
> very good idea.
Other interpreters have cute features that prevent set-id use...
e.g. csh closes all open file descriptors at startup, other than
stdin, stdout, and stder...
chris