On 17 January 2012 14:32, Andy Dougherty <doughera@lafayette.edu> wrote: > On Tue, 17 Jan 2012, Andy Dougherty wrote: > >> On Mon, 16 Jan 2012, Rafael Garcia-Suarez wrote: > >> If I recall correctly, 'indir' was a program designed to indirectly >> execute other programs. My recollection is that it was supposed to be >> particularly useful in setuid situations where the OS didn't natively >> provide you much help, and/or perhaps in situations where the OS kernel >> limited you to 32 character command lines. > > Ah, here it is: > > http://ftp.sunet.se/pub/usenet/ftp.uu.net/comp.sources.unix/volume21/indir.gz I am impressed ! Thanks for digging that out. I'll push (later) a patch to remove the "indir" special-case. As for the decision of deprecating (or cutting off) the whole exec-what's-on-the-shebang functionality, I'll wait for informed advice. > Here is the basic description: > > Subject: v21i031: Safe way to run setuid shell scripts > Newsgroups: comp.sources.unix > Approved: rsalz@uunet.UU.NET > X-Checksum-Snefru: 4f572b9c 2ce9cfdd 5b62cea8 69ef7415 > > Submitted-by: Maarten Litmaath <maart@cs.vu.nl> > Posting-number: Volume 21, Issue 31 > Archive-name: indir > > Suppose you want everyone to be able to remove some lockfile, but you don't > want its directory to be world-writable. Isn't it ridiculous you'd have to > write a setuid C program to do the equivalent of the following shell script? > > #!/bin/sh > /bin/rm /some/directory/lockfile > > The problem: making this shell script setuid creates a security hole (see > the file `setuid.txt'). The solution: indir(1). Using this program the > script would be setuid and look like this: > > #!/bin/indir -u > #?/bin/sh /safe/path/to/this/script > /bin/rm /some/directory/lockfile > > > -- > Andy Dougherty doughera@lafayette.eduThread Previous | Thread Next