Re: [RFC][PATCH] scripts with stdin replaced

Horst von Brand (vonbrand@sleipnir.valparaiso.cl)
Thu, 08 Jul 1999 21:02:09 -0400


Ralf Baechle <ralf@uni-koblenz.de> said:
> On Tue, Jul 06, 1999 at 08:44:23AM -0400, Horst von Brand wrote:
> > > Probably the only safe well-known interpreter is perl, and that runs
> > > setuid scripts itself already.

> > That is a kludge, and it won't work at all when capabilities are done right
> > in the filesystem.

> I don't see why Perl's mechanism for SUID scripts used on Linux couldn't
> be expanded to cover capabilities as well. Except that that would make
> a small part of Perl the single point of failure in the security system.

I don't want to trust an all-capable Perl interpreter. Not on a system that
is important/critical enough to be secured by capabilities. A clean
solution is given if the script carries capabilities, the kernel notes this
and invokes the interpreter with the capabilities the filesystem grants. In
this case it is useless to trick the interpreter.

-- 
Horst von Brand                             vonbrand@sleipnir.valparaiso.cl
Casilla 9G, Viña del Mar, Chile                               +56 32 672616
