[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sheflug] running as root

To: Sheflug <sheflug [at] vuw.ac.nz>
Subject: Re: [Sheflug] running as root
From: Al Hudson <nospam [at] york.ac.uk>
Date: Fri, 5 May 2000 09:41:37 +0100 (BST)
List-help: <http://www.sheflug.co.uk>
List-owner: <mailto:sheflug-admins [at] vuw.ac.nz>
List-post: <mailto:sheflug [at] vuw.ac.nz>
List-subscribe: <mailto:sheflug-request [at] vuw.ac.nz?Subject=subscribe>
List-unsubscribe: <mailto:sheflug-request [at] vuw.ac.nz?Subject=unsubscribe>
Reply-to: "Sheflug" <sheflug [at] vuw.ac.nz>
Sender: sheflug-bounce [at] vuw.ac.nz

On Fri, 5 May 2000, Chris J/#6 wrote:

> > I'm still not sure that there's anything obvious there, but then that's
> > probably down to me. I'm afraid I treat shell scripts equivilent to other
> > executables, and I would imagine anything you can do with a shell script you
> > can replicate with a binary? Seems that way to me, anyway.
> 
> The problem with shell scripts is that it uses a whole host of other programs 
> which you do not know the security of. Every executable in a shell script is 
> <snip>

Yep, I know all that, it wasn't that I was disagreeing with. In fact, you
almost make my point for me further down - it's not the fact that bash
scripts aren't suid enabled; it's the fact that all other scripts that
rely on interpreters (from common languages such as Perl to less common,
such as C) are all lumped in together. Naff idea, IMHO ;)

> > Yes, that's usually worthwhile. I tried using -ansi and -pedantic once, but
> > it complained about good code and passed bad. At least, what I consider to
> > be good and bad. Unfortunately I'm not a K&R devotee, so perhaps I'm at a
> > disadvantage.... although I agree about tabs and braces ;)
> 
> Yep - I do like the K&R tab/brace style. What I hate is what we have to use 
> at work...along the lines of:

Yuck. I have to say, I usually follow most of CodingStyle, although there
are one or two bits I don't agree with ;)

> In this case, this isn't the kernel - system(3) is a libc call, bash is bash 
> :) Neither are kernel related. But I don't think ksh and csh do the same 
> checks though, and they both don't work.

Sorry, yes. My mind was still on the kernel case - I really don't think
it's something the kernel should be doing..

Cheers,

Alex.

---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word 
 "unsubscribe" in the body of the message. 

  GNU the choice of a complete generation.

References:
- Re: [Sheflug] running as root
  - From: "Chris J/#6" <sixie [at] nccnet.co.uk>

Prev by Date: Re: [Sheflug] SSL on Apache
Next by Date: Re: [Sheflug] running as root
Prev by thread: Re: [Sheflug] running as root
Next by thread: Re: [Sheflug] running as root
Index(es):
- Date
- Thread