Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 5 Aug 1997 02:50:00 -0700
From:      "David O'Brien" <obrien@NUXI.COM>
To:        FreeBSD Mailing List <freebsd@atipa.com>
Cc:        "Jonathan A. Zdziarski" <jonz@netrail.net>, ports@freebsd.org, security@freebsd.org
Subject:   Re: SetUID
Message-ID:  <19970805025000.01050@dragon.nuxi.com>
In-Reply-To: <Pine.BSF.3.91.970804133131.9513A-100000@dot.ishiboo.com>; from FreeBSD Mailing List on Mon, Aug 04, 1997 at 01:36:27PM -0600
References:  <Pine.BSF.3.91.970804131806.8529A-100000@dot.ishiboo.com> <Pine.BSF.3.91.970804133131.9513A-100000@dot.ishiboo.com>

next in thread | previous in thread | raw e-mail | index | archive | help
> > You could instead write a setuid "wrapper" of some sort that runs a 
> > shell script (or set of scripts), using c, c++, etc. 
> 
> Here is a simple "wrapper":
> 
> -- cut here (wrapper.c) --
> 
> #include <stdlib.h>
> main()
> {
>         execl("/etc/rc.WHATEVER","WHATEVER",NULL);
> }

Still too dangerous.  The environment isn't cleansed.  Please try the
super port (ports/security/super) which is a wrapper program like this,
but does some cleansing and can use control lists.
 
-- 
-- David	(obrien@NUXI.com  -or-  obrien@FreeBSD.org)



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19970805025000.01050>