SUID permission on Bash script

[Matthew Seaman]

perryh at pluto.rain.com wrote:
> RW <rwmaillists at googlemail.com> wrote:
>> On Sat, 29 Aug 2009 00:06:29 -0700
>> perryh at pluto.rain.com wrote:
>>> Actually, absent some careful cooperation between the
>>> kernel and the interpreter to prevent a race condition ...
>> isn't that the same issue that Matthew Seaman was saying
>> was fixed years ago ... and is described in the follow-up:
>> http://www.mail-archive.com/freebsd-questions@freebsd.org/msg185145.html
>>
>> That's entirely in the kernel, it doesn't require interpreter
>> support.
> 
> Er, I'm pretty sure it _does_ require support in the interpreter.
> 
> It would do no good for the kernel to hand the interpreter an open
> descriptor if the interpreter did not somehow know to read the
> script from that open descriptor instead of opening the script file
> by name.  This approach is exactly the "careful cooperation between
> the kernel and the interpreter" that I was referring to.

Errr -- no.  That's what fdescfs(5) is for.   When the kernel execs 
the interpreter, it tells the script to open /dev/fd/5 (for example)
and doing that just connects the script to the open file descriptor
the kernel used previously to taste the magic number and the #! line 
of the script.

As fdescfs(5) says:

     [...] the call:

           fd = open("/dev/fd/0", mode);

     and the call:

           fd = fcntl(0, F_DUPFD, 0);

     are equivalent.

	Cheers,

	Matthew


-- 
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
                                                  Kent, CT11 9PW

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 259 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20090830/0abaabd1/signature.pgp