• Bug#781056: bash: undocumented deviation from upstream behaviour

    From Gioele Barabucci@21:1/5 to calestyo@scientia.net on Mon Mar 25 22:30:02 2024
    Control: tags -1 moreinfo

    On Mon, 23 Mar 2015 22:12:18 +0100 Christoph Anton Mitterer <calestyo@scientia.net> wrote:
    > Apparently there's some strange patch applied against the Debian
    > version of bash, which allows suid scripts to be executed
    > (isn't that a security issue?).

    Hi,

    why would that be a security issue? Executing suid scripts is just as dangerous as executing suid binaries.

    > It also seems to invalidate that documented behaviour from the manpage:
    > If the shell is started with the effective user (group) id not equal to
    > the real user (group) id, and the -p option is not supplied, no startup
    > files are read, shell functions are not inherited from the environment,
    > the SHELLOPTS, BASHOPTS, CDPATH, and GLOBIGNORE variables, if they
    > appear in the environment, are ignored, and the effective user id is
    > set to the real user id. If the -p option is supplied at invocation,
    > the startup behavior is the same, but the effective user id is not
    > reset.
    >
    > So could you please either correct the behaviour or accordingly remove
    > that documentation and add it to a section of deviations between
    > upstream and Debian?

    The documentation states what happens when bash acts as the interpreter
    for a suid script. Certain variables are cleared, some files are not read.

    Did you find that any of the described measures are not applied when
    running suid scripts?

    Regards,

    --
    Gioele Barabucci

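
A defender-side check related to the thread above, added here as an example and not part of the bug report or of Debian's bash packaging: a POSIX shell function that lists set-uid or set-gid files beginning with a `#!` line, so an administrator can see which scripts on a system the question applies to. The function names and the sample tree are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the bug report): inventory set-uid / set-gid scripts.

# Print "path<TAB>interpreter line" for every regular file under $1 that has
# the set-uid or set-gid bit and starts with "#!". File names containing
# newlines are not handled.
find_suid_scripts() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null |
    while IFS= read -r f; do
        # Compare only the first two bytes, so binaries are skipped cheaply.
        magic=$(dd if="$f" bs=2 count=1 2>/dev/null)
        [ "$magic" = '#!' ] || continue
        interp=$(head -n 1 "$f" | sed 's/^#![[:space:]]*//')
        printf '%s\t%s\n' "$f" "$interp"
    done
}

# Build a constructed sample tree (hypothetical file names) and print its path.
make_sample_tree() {
    d=$(mktemp -d) || return 1
    printf '#!/bin/bash\nid -u\n' > "$d/suid-script"      # script, set-uid
    printf '#!/bin/bash\nid -u\n' > "$d/plain-script"     # script, no set-uid
    printf 'not a script\n'       > "$d/suid-data"        # set-uid, no "#!"
    chmod 4755 "$d/suid-script" "$d/suid-data"
    chmod 0755 "$d/plain-script"
    printf '%s\n' "$d"
}

# Usage: sh thisfile.sh /usr/local/bin
if [ "$#" -gt 0 ]; then
    find_suid_scripts "$1"
fi
```

Each reported file is a candidate for the review the thread asks about: whether the script needs the bit at all, and which interpreter line it runs under.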