Re: [RFC][PATCH] scripts with stdin replaced

Jamie Lokier (lkd@tantalophile.demon.co.uk)
Mon, 12 Jul 1999 18:31:51 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Matthias Riese: "Re: mount options for root"
Previous message: Jamie Lokier: "Re: Linux TCP/IP stack."

Richard Guenther wrote:
> Umm, how? I will probably add an #ifdef CONFIG_PROC around the
> suid stuff, but if /proc is just not mounted, it does either
> fail (no such file) or err, somebody could stick a trojan horse
> to /dev/fd/3? Well, root could. But root could exec the file
> suid anyway.

Isn't the point that you want scripts to work when proc is not mounted,
and to be secure when it is?

I'd vote for existing behaviour when /proc is not mounted: refuse to
even try to exec setuid scripts, and run non-setuid ones as now. When
/proc is mounted, run all scripts using /proc/self/fd.

If you want to get clever you could use the actual location that procfs
is mounted on -- if /proc/mounts and getcwd() can print a path given a
dentry I'm sure you can :-)

BTW I don't like /dev/fd because it might not exist even though procfs
is mounted.

-- Jamie

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Matthias Riese: "Re: mount options for root"
Previous message: Jamie Lokier: "Re: Linux TCP/IP stack."